/**
* This method is called when user successfully logs in using FB credentials
*
* Facebook user ID is passed to our backend:
* - if there's Wikia account connected, log the user in,
* - if not, render sign up modal
*/
public function index()
{
$fbUserId = $this->getFacebookUserId();
// try to get connected Wikia account
$user = FacebookClient::getInstance()->getWikiaUser($fbUserId);
if ($user instanceof User && $fbUserId !== 0) {
$errorMsg = '';
if ($this->isAccountDisabled($user)) {
// User account was disabled, abort the login
$errorMsg = wfMessage('userlogin-error-edit-account-closed-flag')->escaped();
$this->response->setData(['loginAborted' => true, 'errorMsg' => $errorMsg]);
} elseif ($this->isAccountUnconfirmed($user)) {
LoginForm::clearLoginToken();
$name = $user->getName();
$this->userLoginHelper->setNotConfirmedUserSession($user->getId());
$this->userLoginHelper->clearPasswordThrottle($name);
$this->response->setData(['unconfirmed' => true, 'userName' => $name, 'errorMsg' => $errorMsg]);
} elseif (!wfRunHooks('FacebookUserLoginSuccess', [$user, &$errorMsg])) {
$this->response->setData(['loginAborted' => true, 'errorMsg' => $errorMsg]);
} else {
// account is connected - log the user in
$user->setCookies();
$this->response->setData(['loggedIn' => true, 'userName' => $user->getName(), 'returnUrl' => $this->userLoginHelper->getRedirectUrl(), 'errorMsg' => '']);
// Retrieve user email from Facebook if missing
$email = $user->getEmail();
if (empty($email)) {
$this->saveEmailAsynchronously($user->getId());
}
}
} else {
$modal = $this->sendRequest('FacebookSignup', 'modal')->__toString();
$title = $this->sendRequest('FacebookSignup', 'modalHeader')->__toString();
if (empty($modal)) {
$modal = wfMessage('usersignup-facebook-problem')->escaped();
}
// no account connected - show FB sign up modal
$this->response->setData(['htmlTitle' => $title, 'modal' => $modal, 'cancelMsg' => wfMessage('cancel')->escaped()]);
}
}
/**
* Confirm email page.
* @requestParam string code - on GET, POST
* @requestParam string username - on POST
* @requestParam string password - on POST
* @responseParam string result [ok/error]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function index()
{
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
// hide things in the skin
$this->wg->SuppressWikiHeader = false;
$this->wg->SuppressPageHeader = false;
$this->wg->SuppressFooter = true;
$this->wg->SuppressAds = true;
$this->wg->SuppressToolbar = true;
$this->getOutput()->disallowUserJs();
// just in case...
$this->wg->Out->setPageTitle(wfMessage('wikiaconfirmemail-heading')->plain());
$par = $this->request->getVal('par', '');
$this->code = $this->request->getVal('code', $par);
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
$this->editToken = $this->wg->User->getEditToken();
$this->loginToken = UserLoginHelper::getLoginToken();
$editTokenReq = $this->request->getVal('editToken', '');
$loginTokenReq = $this->request->getVal('loginToken', '');
if ($this->code == '') {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-empty-code')->escaped();
return;
}
if ($this->wg->request->wasPosted() && $this->wg->User->matchEditToken($editTokenReq)) {
if ($this->wg->User->isAnon() && $loginTokenReq !== UserLoginHelper::getLoginToken()) {
$this->result = 'error';
$this->msg = wfMessage('sessionfailure')->escaped();
return;
}
if ($this->username == '') {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-noname')->escaped();
$this->errParam = 'username';
return;
}
if ($this->password == '') {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpasswordempty')->escaped();
$this->errParam = 'password';
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!$expUser instanceof User) {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-invalid-code')->escaped();
return;
}
// User - activate user, confirm email and redirect to user page or create new wiki
$user = User::newFromName($this->username);
if (!$user instanceof User) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-noname')->escaped();
return;
}
if ($user->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-user-not-match')->parse();
$this->errParam = 'username';
return;
}
$userLoginHelper = new UserLoginHelper();
/* @var UserLoginHelper $userLoginHelper */
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-login-throttled')->escaped();
$this->errParam = 'password';
return;
}
if ($user->checkPassword($this->password)) {
$this->wg->User = $user;
if ($user->getGlobalFlag(UserLoginSpecialController::NOT_CONFIRMED_SIGNUP_OPTION_NAME) != null) {
// Signup confirm
// Log user in manually
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
UserLoginHelper::clearNotConfirmedUserSession();
$userLoginHelper->clearPasswordThrottle($this->username);
// Confirm
UserLoginHelper::removeNotConfirmedFlag($user);
$user->confirmEmail();
// Get and clear redirect page
$userSignupRedirect = $user->getGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME);
$user->setGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME, null);
$user->saveSettings();
$userLoginHelper->addNewUserLogEntry($user);
// send welcome email
$emailParams = array('$USERNAME' => $user->getName(), '$EDITPROFILEURL' => $user->getUserPage()->getFullURL(), '$LEARNBASICURL' => 'http://community.wikia.com/wiki/Help:Wikia_Basics', '$EXPLOREWIKISURL' => 'http://www.wikia.com');
$userLoginHelper->sendEmail($user, 'WelcomeMail', 'usersignup-welcome-email-subject', 'usersignup-welcome-email-body', $emailParams, 'welcome-email', 'WelcomeMail');
// redirect user
if (!empty($userSignupRedirect)) {
// Redirect user to the point where he finished (when signup on create wiki)
$titleObj = SpecialPage::getTitleFor('CreateNewWiki');
$query = $userSignupRedirect;
} else {
$titleObj = $this->wg->User->getUserPage();
$query = '';
}
$this->wg->out->redirect($titleObj->getFullURL($query));
return;
} else {
// Email change
// Log user in through standard method
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$result = $response->getVal('result', '');
$optionNewEmail = $this->wg->User->getGlobalAttribute('new_email');
if (!empty($optionNewEmail)) {
$user->setEmail($optionNewEmail);
}
$user->confirmEmail();
$user->setGlobalAttribute('new_email', null);
$user->saveSettings();
// redirect user
if ($result === 'closurerequested') {
$response = $this->app->sendRequest('UserLoginSpecial', 'getCloseAccountRedirectUrl');
$redirectUrl = $response->getVal('redirectUrl');
$this->wg->Out->redirect($redirectUrl);
} else {
$userPage = $user->getUserPage();
$this->wg->out->redirect($userPage->getFullURL());
}
wfRunHooks('EmailChangeConfirmed', array($user));
return;
}
} else {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpassword')->escaped();
$this->errParam = 'password';
return;
}
}
}
/**
* Entry point for reactivating an account
*
* Handles confirming the user's reactivation request when they have
* given a valid confirmation code. If no code is given, but they have
* a session ID from having successfully attempted to login to an account
* that has requested closure, this forwards to the reactivateRequest
* method.
*
* @requestParam string code - The confirmation code for reactivating an account
* @requestParam string username - The user name of the account to reactivate
* @requestParam string password - The password for the account to reactivate
* @requestParam string editToken - The edit token for the current user
* @requestParam string loginToken - The login token for the current user
* @responseParam boolean success - Whether or not reactivation was successful
* @responseParam string resultMessage - The result of the form submission
* @responseParam string errParam - The form item an error is related to
* @return void
*/
public function reactivate()
{
wfProfileIn(__METHOD__);
$this->code = $this->getVal('code', false);
if (empty($this->code)) {
if ($this->request->getSessionData('closeAccountSessionId') !== null) {
$this->forward(__CLASS__, 'reactivateRequest');
} else {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-empty-code')->parse();
}
wfProfileOut(__METHOD__);
return;
}
$this->getOutput()->setPageTitle($this->msg('closemyaccount-reactivate-page-title')->plain());
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
$user = $this->getUser();
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
$this->loginToken = UserLoginHelper::getLoginToken();
$this->editToken = $user->getEditToken();
$helper = new CloseMyAccountHelper();
if ($this->request->wasPosted() && $user->matchEditToken($this->request->getVal('editToken'))) {
if ($user->isAnon() && $this->request->getVal('loginToken') !== UserLoginHelper::getLoginToken()) {
$this->success = false;
$this->resultMessage = $this->msg('sessionfailure')->escaped();
wfProfileOut(__METHOD__);
return;
}
if ($this->username === '') {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-noname')->escaped();
$this->errParam = 'username';
wfProfileOut(__METHOD__);
return;
}
if ($this->password === '') {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-wrongpasswordempty')->escaped();
$this->errParam = 'password';
wfProfileOut(__METHOD__);
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!$expUser instanceof User) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-invalid-code', $this->username)->parse();
wfProfileOut(__METHOD__);
return;
}
$user = User::newFromName($this->username);
if ($user->getId() != $expUser->getId()) {
$this->success = false;
$this->resultMessage = $this->msg('wikiaconfirmemail-error-user-not-match')->parse();
$this->errParam = 'username';
wfProfileOut(__METHOD__);
return;
}
$userLoginHelper = new UserLoginHelper();
/* @var UserLoginHelper $userLoginHelper */
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->success = false;
$this->resultMessage = $this - msg('userlogin-error-login-throttled')->escaped();
$this->errParam = 'password';
wfProfileOut(__METHOD__);
return;
}
if ($helper->isClosed($user)) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-disabled')->parse();
wfProfileOut(__METHOD__);
return;
}
if (!$helper->isScheduledForClosure($user)) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-not-scheduled')->escaped();
wfProfileOut(__METHOD__);
return;
}
if ($user->checkPassword($this->password)) {
$this->wg->User = $user;
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
$userLoginHelper->clearPasswordThrottle($this->username);
$helper->reactivateAccount($user);
unset($_SESSION['closeAccountSessionId']);
$userPageTitle = $user->getUserPage();
$this->getOutput()->redirect($userPageTitle->getFullURL());
} else {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-wrongpassword')->escaped();
$this->errParam = 'password';
}
}
wfProfileOut(__METHOD__);
}
