MediaWiki
REL1_22
|
00001 <?php 00033 class ApiLogin extends ApiBase { 00034 00035 public function __construct( $main, $action ) { 00036 parent::__construct( $main, $action, 'lg' ); 00037 } 00038 00048 public function execute() { 00049 // If we're in JSON callback mode, no tokens can be obtained 00050 if ( !is_null( $this->getMain()->getRequest()->getVal( 'callback' ) ) ) { 00051 $this->getResult()->addValue( null, 'login', array( 00052 'result' => 'Aborted', 00053 'reason' => 'Cannot log in when using a callback', 00054 ) ); 00055 return; 00056 } 00057 00058 $params = $this->extractRequestParams(); 00059 00060 $result = array(); 00061 00062 // Init session if necessary 00063 if ( session_id() == '' ) { 00064 wfSetupSession(); 00065 } 00066 00067 $context = new DerivativeContext( $this->getContext() ); 00068 $context->setRequest( new DerivativeRequest( 00069 $this->getContext()->getRequest(), 00070 array( 00071 'wpName' => $params['name'], 00072 'wpPassword' => $params['password'], 00073 'wpDomain' => $params['domain'], 00074 'wpLoginToken' => $params['token'], 00075 'wpRemember' => '' 00076 ) 00077 ) ); 00078 $loginForm = new LoginForm(); 00079 $loginForm->setContext( $context ); 00080 00081 global $wgCookiePrefix, $wgPasswordAttemptThrottle; 00082 00083 $authRes = $loginForm->authenticateUserData(); 00084 switch ( $authRes ) { 00085 case LoginForm::SUCCESS: 00086 $user = $context->getUser(); 00087 $this->getContext()->setUser( $user ); 00088 $user->setOption( 'rememberpassword', 1 ); 00089 $user->setCookies( $this->getRequest() ); 00090 00091 ApiQueryInfo::resetTokenCache(); 00092 00093 // Run hooks. 00094 // @todo FIXME: Split back and frontend from this hook. 00095 // @todo FIXME: This hook should be placed in the backend 00096 $injected_html = ''; 00097 wfRunHooks( 'UserLoginComplete', array( &$user, &$injected_html ) ); 00098 00099 $result['result'] = 'Success'; 00100 $result['lguserid'] = intval( $user->getId() ); 00101 $result['lgusername'] = $user->getName(); 00102 $result['lgtoken'] = $user->getToken(); 00103 $result['cookieprefix'] = $wgCookiePrefix; 00104 $result['sessionid'] = session_id(); 00105 break; 00106 00107 case LoginForm::NEED_TOKEN: 00108 $result['result'] = 'NeedToken'; 00109 $result['token'] = $loginForm->getLoginToken(); 00110 $result['cookieprefix'] = $wgCookiePrefix; 00111 $result['sessionid'] = session_id(); 00112 break; 00113 00114 case LoginForm::WRONG_TOKEN: 00115 $result['result'] = 'WrongToken'; 00116 break; 00117 00118 case LoginForm::NO_NAME: 00119 $result['result'] = 'NoName'; 00120 break; 00121 00122 case LoginForm::ILLEGAL: 00123 $result['result'] = 'Illegal'; 00124 break; 00125 00126 case LoginForm::WRONG_PLUGIN_PASS: 00127 $result['result'] = 'WrongPluginPass'; 00128 break; 00129 00130 case LoginForm::NOT_EXISTS: 00131 $result['result'] = 'NotExists'; 00132 break; 00133 00134 case LoginForm::RESET_PASS: // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;" 00135 case LoginForm::WRONG_PASS: 00136 $result['result'] = 'WrongPass'; 00137 break; 00138 00139 case LoginForm::EMPTY_PASS: 00140 $result['result'] = 'EmptyPass'; 00141 break; 00142 00143 case LoginForm::CREATE_BLOCKED: 00144 $result['result'] = 'CreateBlocked'; 00145 $result['details'] = 'Your IP address is blocked from account creation'; 00146 break; 00147 00148 case LoginForm::THROTTLED: 00149 $result['result'] = 'Throttled'; 00150 $result['wait'] = intval( $wgPasswordAttemptThrottle['seconds'] ); 00151 break; 00152 00153 case LoginForm::USER_BLOCKED: 00154 $result['result'] = 'Blocked'; 00155 break; 00156 00157 case LoginForm::ABORTED: 00158 $result['result'] = 'Aborted'; 00159 $result['reason'] = $loginForm->mAbortLoginErrorMsg; 00160 break; 00161 00162 default: 00163 ApiBase::dieDebug( __METHOD__, "Unhandled case value: {$authRes}" ); 00164 } 00165 00166 $this->getResult()->addValue( null, 'login', $result ); 00167 } 00168 00169 public function mustBePosted() { 00170 return true; 00171 } 00172 00173 public function isReadMode() { 00174 return false; 00175 } 00176 00177 public function getAllowedParams() { 00178 return array( 00179 'name' => null, 00180 'password' => null, 00181 'domain' => null, 00182 'token' => null, 00183 ); 00184 } 00185 00186 public function getParamDescription() { 00187 return array( 00188 'name' => 'User Name', 00189 'password' => 'Password', 00190 'domain' => 'Domain (optional)', 00191 'token' => 'Login token obtained in first request', 00192 ); 00193 } 00194 00195 public function getResultProperties() { 00196 return array( 00197 '' => array( 00198 'result' => array( 00199 ApiBase::PROP_TYPE => array( 00200 'Success', 00201 'NeedToken', 00202 'WrongToken', 00203 'NoName', 00204 'Illegal', 00205 'WrongPluginPass', 00206 'NotExists', 00207 'WrongPass', 00208 'EmptyPass', 00209 'CreateBlocked', 00210 'Throttled', 00211 'Blocked', 00212 'Aborted' 00213 ) 00214 ), 00215 'lguserid' => array( 00216 ApiBase::PROP_TYPE => 'integer', 00217 ApiBase::PROP_NULLABLE => true 00218 ), 00219 'lgusername' => array( 00220 ApiBase::PROP_TYPE => 'string', 00221 ApiBase::PROP_NULLABLE => true 00222 ), 00223 'lgtoken' => array( 00224 ApiBase::PROP_TYPE => 'string', 00225 ApiBase::PROP_NULLABLE => true 00226 ), 00227 'cookieprefix' => array( 00228 ApiBase::PROP_TYPE => 'string', 00229 ApiBase::PROP_NULLABLE => true 00230 ), 00231 'sessionid' => array( 00232 ApiBase::PROP_TYPE => 'string', 00233 ApiBase::PROP_NULLABLE => true 00234 ), 00235 'token' => array( 00236 ApiBase::PROP_TYPE => 'string', 00237 ApiBase::PROP_NULLABLE => true 00238 ), 00239 'details' => array( 00240 ApiBase::PROP_TYPE => 'string', 00241 ApiBase::PROP_NULLABLE => true 00242 ), 00243 'wait' => array( 00244 ApiBase::PROP_TYPE => 'integer', 00245 ApiBase::PROP_NULLABLE => true 00246 ), 00247 'reason' => array( 00248 ApiBase::PROP_TYPE => 'string', 00249 ApiBase::PROP_NULLABLE => true 00250 ) 00251 ) 00252 ); 00253 } 00254 00255 public function getDescription() { 00256 return array( 00257 'Log in and get the authentication tokens. ', 00258 'In the event of a successful log-in, a cookie will be attached', 00259 'to your session. In the event of a failed log-in, you will not ', 00260 'be able to attempt another log-in through this method for 5 seconds.', 00261 'This is to prevent password guessing by automated password crackers' 00262 ); 00263 } 00264 00265 public function getPossibleErrors() { 00266 return array_merge( parent::getPossibleErrors(), array( 00267 array( 'code' => 'NeedToken', 'info' => 'You need to resubmit your login with the specified token. See https://bugzilla.wikimedia.org/show_bug.cgi?id=23076' ), 00268 array( 'code' => 'WrongToken', 'info' => 'You specified an invalid token' ), 00269 array( 'code' => 'NoName', 'info' => 'You didn\'t set the lgname parameter' ), 00270 array( 'code' => 'Illegal', 'info' => ' You provided an illegal username' ), 00271 array( 'code' => 'NotExists', 'info' => ' The username you provided doesn\'t exist' ), 00272 array( 'code' => 'EmptyPass', 'info' => ' You didn\'t set the lgpassword parameter or you left it empty' ), 00273 array( 'code' => 'WrongPass', 'info' => ' The password you provided is incorrect' ), 00274 array( 'code' => 'WrongPluginPass', 'info' => 'Same as "WrongPass", returned when an authentication plugin rather than MediaWiki itself rejected the password' ), 00275 array( 'code' => 'CreateBlocked', 'info' => 'The wiki tried to automatically create a new account for you, but your IP address has been blocked from account creation' ), 00276 array( 'code' => 'Throttled', 'info' => 'You\'ve logged in too many times in a short time' ), 00277 array( 'code' => 'Blocked', 'info' => 'User is blocked' ), 00278 ) ); 00279 } 00280 00281 public function getExamples() { 00282 return array( 00283 'api.php?action=login&lgname=user&lgpassword=password' 00284 ); 00285 } 00286 00287 public function getHelpUrls() { 00288 return 'https://www.mediawiki.org/wiki/API:Login'; 00289 } 00290 }