$this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
$this->mAction = $request->getVal( 'action' );
$this->mRemember = $request->getCheck( 'wpRemember' );
- $this->mStickHTTPS = $request->getCheck( 'wpStickHTTPS' );
+ $this->mFromHTTP = $request->getBool( 'fromhttp', false );
+ $this->mStickHTTPS = ( !$this->mFromHTTP && $request->detectProtocol() === 'https' ) || $request->getBool( 'wpForceHttps', false );
$this->mLanguage = $request->getText( 'uselang' );
$this->mSkipCookieCheck = $request->getCheck( 'wpSkipCookieCheck' );
$this->mToken = ( $this->mType == 'signup' ) ? $request->getVal( 'wpCreateaccountToken' ) : $request->getVal( 'wpLoginToken' );
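Review bot: `mStickHTTPS` on the second added line is now decided by two client-supplied parameters, `fromhttp` and `wpForceHttps`, so a login link carrying `fromhttp=1` leaves it false even when the request itself arrived over HTTPS. In the processLogin() hunk further down, `$wgSecureLogin && !$this->mStickHTTPS` leads to `$user->setCookies( null, false )`, which looks like the non-secure cookie path, and the only visible override is the new `$user->requiresHTTPS()` check. I would state that trust boundary next to the assignment, e.g. `// fromhttp and wpForceHttps come from the client; requiresHTTPS() in processLogin() is the only server-side override`. Splitting the long expression into a named `$onHttps` boolean would also make the `&&`/`||` precedence easier to audit. The enclosing method starts and ends outside the hunk.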
// If logging in and not on HTTPS, either redirect to it or offer a link.
global $wgSecureLogin;
- if (
- $this->mType !== 'signup' &&
- WebRequest::detectProtocol() !== 'https'
- ) {
+ if ( WebRequest::detectProtocol() !== 'https' ) {
$title = $this->getFullTitle();
$query = array(
'returnto' => $this->mReturnTo,
'returntoquery' => $this->mReturnToQuery,
- 'wpStickHTTPS' => $this->mStickHTTPS
);
$url = $title->getFullURL( $query, false, PROTO_HTTPS );
- if ( $wgSecureLogin ) {
+ if ( $wgSecureLogin && wfCanIPUseHTTPS( $this->getRequest()->getIP() ) ) {
+ $url = wfAppendQuery( $url, 'fromhttp=1' );
$this->getOutput()->redirect( $url );
return;
} else {
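Review bot: With `$wgSecureLogin` enabled, a client for which `wfCanIPUseHTTPS()` returns false now skips the redirect and drops into the `else` branch, so the login or signup form is presumably served and submitted over plain HTTP with nothing in the visible lines recording that fallback. The body of that branch is outside the hunk, so this is inferred from the comment above the condition. The decision also depends on `getRequest()->getIP()`, which behind a proxy is only as reliable as the trusted-proxy configuration. I would add a comment at the condition such as `// Clients that cannot reach HTTPS deliberately fall back to the HTTP form, even with $wgSecureLogin set`, and consider a debug log entry in the fallback path so operators can see how often it is taken.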
}
function processLogin() {
- global $wgMemc, $wgLang, $wgSecureLogin;
+ global $wgMemc, $wgLang, $wgSecureLogin, $wgPasswordAttemptThrottle;
switch ( $this->authenticateUserData() ) {
case self::SUCCESS:
$user->invalidateCache();
}
+ if ( $user->requiresHTTPS() ) {
+ $this->mStickHTTPS = true;
+ }
+
if ( $wgSecureLogin && !$this->mStickHTTPS ) {
$user->setCookies( null, false );
} else {
$this->userBlockedMessage( $this->getUser()->isBlockedFromCreateAccount() );
break;
case self::THROTTLED:
- $this->mainLoginForm( $this->msg( 'login-throttled' )->text() );
+ $this->mainLoginForm( $this->msg( 'login-throttled' )
+ ->params ( $this->getLanguage()->formatDuration( $wgPasswordAttemptThrottle['seconds'] ) )
+ ->text()
+ );
break;
case self::USER_BLOCKED:
$this->mainLoginForm( $this->msg( 'login-userblocked',
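Review bot: `$wgPasswordAttemptThrottle['seconds']` is indexed in the THROTTLED case without checking that the setting is an array. If the throttle can be configured as a non-array value (the page does not show how it is validated), this case would raise a notice and format an empty duration. A guard such as `$secs = is_array( $wgPasswordAttemptThrottle ) ? $wgPasswordAttemptThrottle['seconds'] : 0;` before the message call would cover that. There is also a stray space in `->params (` that does not match the `->text()` call on the next added line. The switch continues outside the hunk.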
global $wgEnableEmail, $wgEnableUserEmail;
global $wgHiddenPrefs, $wgLoginLanguageSelector;
global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration;
- global $wgSecureLogin, $wgSecureLoginDefaultHTTPS, $wgPasswordResetRoutes;
+ global $wgSecureLogin, $wgPasswordResetRoutes;
$titleObj = $this->getTitle();
$user = $this->getUser();
$template->set( 'link', '' );
}
- // Decide if we default stickHTTPS on
- if ( $wgSecureLoginDefaultHTTPS && $this->mAction != 'submitlogin' && !$this->mLoginattempt ) {
- $this->mStickHTTPS = true;
- }
-
$resetLink = $this->mType == 'signup'
? null
: is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
$template->set( 'usereason', $user->isLoggedIn() );
$template->set( 'remember', $user->getOption( 'rememberpassword' ) || $this->mRemember );
$template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
- $template->set( 'stickHTTPS', $this->mStickHTTPS );
+ $template->set( 'stickhttps', (int)$this->mStickHTTPS );
if ( $this->mType === 'signup' && $user->isLoggedIn() ) {
$template->set( 'createAnother', true );