*
* @file
*/
+use MediaWiki\Logger\LoggerFactory;
/**
* Unit to authenticate account registration attempts to the current wiki.
);
}
if ( $this->getUser()->isBlockedFromCreateAccount() ) {
- $this->dieUsage( 'You cannot create a new account because you are blocked', 'blocked' );
+ $this->dieUsage(
+ 'You cannot create a new account because you are blocked',
+ 'blocked',
+ 0,
+ array( 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $this->getUser()->getBlock() ) )
+ );
}
$params = $this->extractRequestParams();
- // Init session if necessary
- if ( session_id() == '' ) {
- wfSetupSession();
- }
+ // Make sure session is persisted
+ MediaWiki\Session\SessionManager::getGlobalSession()->persist();
if ( $params['mailpassword'] && !$params['email'] ) {
$this->dieUsageMsg( 'noemail' );
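Review bot: The new `blockinfo` value in the `dieUsage()` call is built from `$this->getUser()->getBlock()`, which may not be the block that made `isBlockedFromCreateAccount()` return true. If the account-creation check can match a block that `getBlock()` does not return (an IP-based creation block, for example), `getBlockInfo()` could receive null or describe a different block; this should be confirmed against `User`. Capturing the result once would avoid the mismatch: `$block = $this->getUser()->isBlockedFromCreateAccount();`, then `if ( $block ) {` and `ApiQueryUserInfo::getBlockInfo( $block )`, assuming the method returns the block object. The added comment `// Make sure session is persisted` could also say why, since token validation later in this request depends on the session. The enclosing method starts and ends outside this hunk.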
Hooks::run( 'AddNewAccountApiForm', array( $this, $loginForm ) );
$loginForm->load();
- $status = $loginForm->addNewaccountInternal();
+ $status = $loginForm->addNewAccountInternal();
+ LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt via API', array(
+ 'event' => 'accountcreation',
+ 'status' => $status,
+ ) );
$result = array();
if ( $status->isGood() ) {
// Success!
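Review bot: The `authmanager` log entry passes the raw `$status` object as context, so what is actually recorded depends on how the configured log handler serializes objects. For an audit event, a scalar is safer and easier to search, for example `'status' => (string)$status,` together with `'successful' => $status->isGood(),`. The entry also carries no requester or requested-account identifier, which makes repeated creation attempts hard to correlate; consider adding one from the values already in scope. The enclosing method starts and ends outside this hunk.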
'createaccount-title',
'createaccount-text'
) );
- } elseif ( $this->getConfig()->get( 'EmailAuthentication' ) && Sanitizer::validateEmail( $user->getEmail() ) ) {
+ } elseif ( $this->getConfig()->get( 'EmailAuthentication' ) &&
+ Sanitizer::validateEmail( $user->getEmail() )
+ ) {
// Send out an email authentication message if needed
$status->merge( $user->sendConfirmationMail() );
}
// Token was incorrect, so add it to result, but don't throw an exception
// since not having the correct token is part of the normal
// flow of events.
- $result['token'] = LoginForm::getCreateaccountToken();
+ $result['token'] = LoginForm::getCreateaccountToken()->toString();
$result['result'] = 'NeedToken';
+ $this->setWarning( 'Fetching a token via action=createaccount is deprecated. ' .
+ 'Use action=query&meta=tokens&type=createaccount instead.' );
+ $this->logFeatureUsage( 'action=createaccount&!token' );
} elseif ( !$status->isOK() ) {
// There was an error. Die now.
$this->dieStatus( $status );
$warnings = $status->getErrorsByType( 'warning' );
if ( $warnings ) {
foreach ( $warnings as &$warning ) {
- $apiResult->setIndexedTagName( $warning['params'], 'param' );
+ ApiResult::setIndexedTagName( $warning['params'], 'param' );
}
- $apiResult->setIndexedTagName( $warnings, 'warning' );
+ ApiResult::setIndexedTagName( $warnings, 'warning' );
$result['warnings'] = $warnings;
}
} else {
ApiBase::PARAM_TYPE => 'user',
ApiBase::PARAM_REQUIRED => true
),
- 'password' => null,
+ 'password' => array(
+ ApiBase::PARAM_TYPE => 'password',
+ ),
'domain' => null,
- 'token' => null,
+ 'token' => array(
+ ApiBase::PARAM_TYPE => 'string',
+ ApiBase::PARAM_REQUIRED => false, // for BC
+ ApiBase::PARAM_HELP_MSG => array( 'api-help-param-token', 'createaccount' ),
+ ),
'email' => array(
ApiBase::PARAM_TYPE => 'string',
ApiBase::PARAM_REQUIRED => $this->getConfig()->get( 'EmailConfirmToEdit' ),