* @file
* @ingroup SpecialPage
*/
+use MediaWiki\Logger\LoggerFactory;
/**
* Implements Special:UserLogin
const WRONG_TOKEN = 13;
const USER_MIGRATED = 14;
+ public static $statusCodes = array(
+ self::SUCCESS => 'success',
+ self::NO_NAME => 'no_name',
+ self::ILLEGAL => 'illegal',
+ self::WRONG_PLUGIN_PASS => 'wrong_plugin_pass',
+ self::NOT_EXISTS => 'not_exists',
+ self::WRONG_PASS => 'wrong_pass',
+ self::EMPTY_PASS => 'empty_pass',
+ self::RESET_PASS => 'reset_pass',
+ self::ABORTED => 'aborted',
+ self::CREATE_BLOCKED => 'create_blocked',
+ self::THROTTLED => 'throttled',
+ self::USER_BLOCKED => 'user_blocked',
+ self::NEED_TOKEN => 'need_token',
+ self::WRONG_TOKEN => 'wrong_token',
+ self::USER_MIGRATED => 'user_migrated',
+ );
+
/**
* Valid error and warning messages
*
}
$status = $this->addNewAccountInternal();
+ LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt with mailed password', array(
+ 'event' => 'accountcreation',
+ 'status' => $status,
+ ) );
if ( !$status->isGood() ) {
$error = $status->getMessage();
$this->mainLoginForm( $error->toString() );
# Create the account and abort if there's a problem doing so
$status = $this->addNewAccountInternal();
+ LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt', array(
+ 'event' => 'accountcreation',
+ 'status' => $status,
+ ) );
+
if ( !$status->isGood() ) {
$error = $status->getMessage();
$this->mainLoginForm( $error->toString() );
# Now create a dummy user ($u) and check if it is valid
$u = User::newFromName( $this->mUsername, 'creatable' );
- if ( !is_object( $u ) ) {
+ if ( !$u ) {
return Status::newFatal( 'noname' );
- } elseif ( 0 != $u->idForName() ) {
+ }
+
+ # Make sure the user does not exist already
+ $lock = $wgMemc->getScopedLock( wfGlobalCacheKey( 'account', md5( $this->mUsername ) ) );
+ if ( !$lock ) {
+ return Status::newFatal( 'usernameinprogress' );
+ } elseif ( $u->idForName( User::READ_LOCKING ) ) {
return Status::newFatal( 'userexists' );
}
}
# check for password validity, return a fatal Status if invalid
- $validity = $u->checkPasswordValidity( $this->mPassword );
+ $validity = $u->checkPasswordValidity( $this->mPassword, 'create' );
if ( !$validity->isGood() ) {
$validity->ok = false; // make sure this Status is fatal
return $validity;
$u->setRealName( $this->mRealName );
$u->setToken();
+ Hooks::run( 'LocalUserCreated', array( $u, $autocreate ) );
+ $oldUser = $u;
$wgAuth->initUser( $u, $autocreate );
+ if ( $oldUser !== $u ) {
+ wfWarn( get_class( $wgAuth ) . '::initUser() replaced the user object' );
+ }
$u->saveSettings();
$retval = self::RESET_PASS;
$this->mAbortLoginErrorMsg = 'resetpass-expired';
} else {
+ Hooks::run( 'UserLoggedIn', array( $u ) );
+ $oldUser = $u;
$wgAuth->updateUser( $u );
+ if ( $oldUser !== $u ) {
+ wfWarn( get_class( $wgAuth ) . '::updateUser() replaced the user object' );
+ }
$wgUser = $u;
// This should set it for OutputPage and the Skin
// which is needed or the personal links will be
global $wgMemc, $wgLang, $wgSecureLogin, $wgPasswordAttemptThrottle,
$wgInvalidPasswordReset;
- switch ( $this->authenticateUserData() ) {
+ $authRes = $this->authenticateUserData();
+ switch ( $authRes ) {
case self::SUCCESS:
# We've verified now, update the real record
$user = $this->getUser();
} elseif ( $wgInvalidPasswordReset
&& !$user->isValidPassword( $this->mPassword )
) {
- $status = $user->checkPasswordValidity( $this->mPassword );
+ $status = $user->checkPasswordValidity(
+ $this->mPassword,
+ 'login'
+ );
$this->resetLoginForm(
$status->getMessage( 'resetpass-validity-soft' )
);
default:
throw new MWException( 'Unhandled case value' );
}
+
+ LoggerFactory::getInstance( 'authmanager' )->info( 'Login attempt', array(
+ 'event' => 'login',
+ 'successful' => $authRes === self::SUCCESS,
+ 'status' => LoginForm::$statusCodes[$authRes],
+ ) );
}
/**
'mediawiki.ui.input',
'mediawiki.special.userlogin.common.styles'
) );
- $out->addModules( array(
- 'mediawiki.special.userlogin.common.js'
- ) );
if ( $this->mType == 'signup' ) {
// XXX hack pending RL or JS parse() support for complex content messages
- // https://bugzilla.wikimedia.org/show_bug.cgi?id=25349
+ // https://phabricator.wikimedia.org/T27349
$out->addJsConfigVars( 'wgCreateacctImgcaptchaHelp',
$this->msg( 'createacct-imgcaptcha-help' )->parse() );
: is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
$template->set( 'header', '' );
+ $template->set( 'formheader', '' );
$template->set( 'skin', $this->getSkin() );
$template->set( 'name', $this->mUsername );
$template->set( 'password', $this->mPassword );