diff options
Diffstat (limited to 'includes/api/ApiLogin.php')
-rw-r--r-- | includes/api/ApiLogin.php | 99 |
1 files changed, 64 insertions, 35 deletions
diff --git a/includes/api/ApiLogin.php b/includes/api/ApiLogin.php index 8f1fb834..442bc44c 100644 --- a/includes/api/ApiLogin.php +++ b/includes/api/ApiLogin.php @@ -1,11 +1,11 @@ <?php -/* +/** * Created on Sep 19, 2006 * * API for MediaWiki 1.8+ * - * Copyright (C) 2006-2007 Yuri Astrakhan <Firstname><Lastname>@gmail.com, + * Copyright © 2006-2007 Yuri Astrakhan <Firstname><Lastname>@gmail.com, * Daniel Cannon (cannon dot danielc at gmail dot com) * * This program is free software; you can redistribute it and/or modify @@ -24,9 +24,9 @@ * http://www.gnu.org/copyleft/gpl.html */ -if (!defined('MEDIAWIKI')) { +if ( !defined( 'MEDIAWIKI' ) ) { // Eclipse helper - will be ignored in production - require_once ('ApiBase.php'); + require_once( 'ApiBase.php' ); } /** @@ -36,8 +36,8 @@ if (!defined('MEDIAWIKI')) { */ class ApiLogin extends ApiBase { - public function __construct($main, $action) { - parent :: __construct($main, $action, 'lg'); + public function __construct( $main, $action ) { + parent::__construct( $main, $action, 'lg' ); } /** @@ -48,42 +48,40 @@ class ApiLogin extends ApiBase { * user, or any other reason, the host is cached with an expiry * and no log-in attempts will be accepted until that expiry * is reached. The expiry is $this->mLoginThrottle. - * - * @access public */ public function execute() { $params = $this->extractRequestParams(); - $result = array (); + $result = array(); - $req = new FauxRequest(array ( + $req = new FauxRequest( array( 'wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => '' - )); + ) ); // Init session if necessary - if( session_id() == '' ) { + if ( session_id() == '' ) { wfSetupSession(); } - $loginForm = new LoginForm($req); - switch ($authRes = $loginForm->authenticateUserData()) { - case LoginForm :: SUCCESS : + $loginForm = new LoginForm( $req ); + switch ( $authRes = $loginForm->authenticateUserData() ) { + case LoginForm::SUCCESS: global $wgUser, $wgCookiePrefix; - $wgUser->setOption('rememberpassword', 1); + $wgUser->setOption( 'rememberpassword', 1 ); $wgUser->setCookies(); // Run hooks. FIXME: split back and frontend from this hook. // FIXME: This hook should be placed in the backend $injected_html = ''; - wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html)); + wfRunHooks( 'UserLoginComplete', array( &$wgUser, &$injected_html ) ); $result['result'] = 'Success'; - $result['lguserid'] = intval($wgUser->getId()); + $result['lguserid'] = intval( $wgUser->getId() ); $result['lgusername'] = $wgUser->getName(); $result['lgtoken'] = $wgUser->getToken(); $result['cookieprefix'] = $wgCookiePrefix; @@ -102,48 +100,63 @@ class ApiLogin extends ApiBase { $result['result'] = 'WrongToken'; break; - case LoginForm :: NO_NAME : + case LoginForm::NO_NAME: $result['result'] = 'NoName'; break; - case LoginForm :: ILLEGAL : + + case LoginForm::ILLEGAL: $result['result'] = 'Illegal'; break; - case LoginForm :: WRONG_PLUGIN_PASS : + + case LoginForm::WRONG_PLUGIN_PASS: $result['result'] = 'WrongPluginPass'; break; - case LoginForm :: NOT_EXISTS : + + case LoginForm::NOT_EXISTS: $result['result'] = 'NotExists'; break; - case LoginForm :: WRONG_PASS : + + case LoginForm::RESET_PASS: // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;" + case LoginForm::WRONG_PASS: $result['result'] = 'WrongPass'; break; - case LoginForm :: EMPTY_PASS : + + case LoginForm::EMPTY_PASS: $result['result'] = 'EmptyPass'; break; - case LoginForm :: CREATE_BLOCKED : + + case LoginForm::CREATE_BLOCKED: $result['result'] = 'CreateBlocked'; $result['details'] = 'Your IP address is blocked from account creation'; break; - case LoginForm :: THROTTLED : + + case LoginForm::THROTTLED: global $wgPasswordAttemptThrottle; $result['result'] = 'Throttled'; - $result['wait'] = intval($wgPasswordAttemptThrottle['seconds']); + $result['wait'] = intval( $wgPasswordAttemptThrottle['seconds'] ); break; - default : - ApiBase :: dieDebug(__METHOD__, "Unhandled case value: {$authRes}"); + + case LoginForm::USER_BLOCKED: + $result['result'] = 'Blocked'; + break; + + default: + ApiBase::dieDebug( __METHOD__, "Unhandled case value: {$authRes}" ); } - $this->getResult()->addValue(null, 'login', $result); + $this->getResult()->addValue( null, 'login', $result ); } - public function mustBePosted() { return true; } + public function mustBePosted() { + return true; + } public function isReadMode() { return false; } public function getAllowedParams() { - return array ( + return array( 'name' => null, 'password' => null, 'domain' => null, @@ -152,7 +165,7 @@ class ApiLogin extends ApiBase { } public function getParamDescription() { - return array ( + return array( 'name' => 'User Name', 'password' => 'Password', 'domain' => 'Domain (optional)', @@ -161,7 +174,7 @@ class ApiLogin extends ApiBase { } public function getDescription() { - return array ( + return array( 'This module is used to login and get the authentication tokens. ', 'In the event of a successful log-in, a cookie will be attached', 'to your session. In the event of a failed log-in, you will not ', @@ -170,6 +183,22 @@ class ApiLogin extends ApiBase { ); } + public function getPossibleErrors() { + return array_merge( parent::getPossibleErrors(), array( + array( 'code' => 'NeedToken', 'info' => 'You need to resubmit your login with the specified token. See https://bugzilla.wikimedia.org/show_bug.cgi?id=23076' ), + array( 'code' => 'WrongToken', 'info' => 'You specified an invalid token' ), + array( 'code' => 'NoName', 'info' => 'You didn\'t set the lgname parameter' ), + array( 'code' => 'Illegal', 'info' => ' You provided an illegal username' ), + array( 'code' => 'NotExists', 'info' => ' The username you provided doesn\'t exist' ), + array( 'code' => 'EmptyPass', 'info' => ' You didn\'t set the lgpassword parameter or you left it empty' ), + array( 'code' => 'WrongPass', 'info' => ' The password you provided is incorrect' ), + array( 'code' => 'WrongPluginPass', 'info' => 'Same as `WrongPass", returned when an authentication plugin rather than MediaWiki itself rejected the password' ), + array( 'code' => 'CreateBlocked', 'info' => 'The wiki tried to automatically create a new account for you, but your IP address has been blocked from account creation' ), + array( 'code' => 'Throttled', 'info' => 'You\'ve logged in too many times in a short time' ), + array( 'code' => 'Blocked', 'info' => 'User is blocked' ), + ) ); + } + protected function getExamples() { return array( 'api.php?action=login&lgname=user&lgpassword=password' @@ -177,6 +206,6 @@ class ApiLogin extends ApiBase { } public function getVersion() { - return __CLASS__ . ': $Id: ApiLogin.php 69990 2010-07-27 08:44:08Z tstarling $'; + return __CLASS__ . ': $Id: ApiLogin.php 64697 2010-04-07 09:05:05Z catrope $'; } } |