コード例 #1
0
 /**
  * Main execution point
  */
 function execute($par)
 {
     global $wgAuth;
     $this->checkReadOnly();
     $request = $this->getRequest();
     $this->mUserName = trim($request->getVal('wpName'));
     $this->mOldpass = $request->getVal('wpPassword');
     $this->mNewpass = $request->getVal('wpNewPassword');
     $this->mRetype = $request->getVal('wpRetype');
     $this->mDomain = $request->getVal('wpDomain');
     $this->setHeaders();
     $this->outputHeader();
     $this->getOutput()->disallowUserJs();
     $user = $this->getUser();
     if (!$request->wasPosted() && !$user->isLoggedIn()) {
         $this->error($this->msg('resetpass-no-info')->text());
         return;
     }
     if ($request->wasPosted() && $request->getBool('wpCancel')) {
         $this->doReturnTo();
         return;
     }
     if ($request->wasPosted() && $user->matchEditToken($request->getVal('token'))) {
         try {
             if (isset($_SESSION['wsDomain'])) {
                 $this->mDomain = $_SESSION['wsDomain'];
             }
             $wgAuth->setDomain($this->mDomain);
             if (!$wgAuth->allowPasswordChange()) {
                 $this->error($this->msg('resetpass_forbidden')->text());
                 return;
             }
             $this->attemptReset($this->mNewpass, $this->mRetype);
             $this->getOutput()->addWikiMsg('resetpass_success');
             if (!$user->isLoggedIn()) {
                 LoginForm::setLoginToken();
                 $token = LoginForm::getLoginToken();
                 $data = array('action' => 'submitlogin', 'wpName' => $this->mUserName, 'wpDomain' => $this->mDomain, 'wpLoginToken' => $token, 'wpPassword' => $this->mNewpass, 'returnto' => $request->getVal('returnto'));
                 if ($request->getCheck('wpRemember')) {
                     $data['wpRemember'] = 1;
                 }
                 $login = new LoginForm(new FauxRequest($data, true));
                 $login->setContext($this->getContext());
                 $login->execute(null);
             }
             $this->doReturnTo();
         } catch (PasswordError $e) {
             $this->error($e->getMessage());
         }
     }
     $this->showForm();
 }
コード例 #2
0
ファイル: ApiLogin.php プロジェクト: seedbank/old-repo
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  */
 public function execute()
 {
     $params = $this->extractRequestParams();
     $result = array();
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     $context = new DerivativeContext($this->getContext());
     $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => '')));
     $loginForm = new LoginForm();
     $loginForm->setContext($context);
     global $wgCookiePrefix, $wgPasswordAttemptThrottle;
     $authRes = $loginForm->authenticateUserData();
     switch ($authRes) {
         case LoginForm::SUCCESS:
             $user = $context->getUser();
             $this->getContext()->setUser($user);
             $user->setOption('rememberpassword', 1);
             $user->setCookies($this->getRequest());
             ApiQueryInfo::resetTokenCache();
             // Run hooks.
             // @todo FIXME: Split back and frontend from this hook.
             // @todo FIXME: This hook should be placed in the backend
             $injected_html = '';
             wfRunHooks('UserLoginComplete', array(&$user, &$injected_html));
             $result['result'] = 'Success';
             $result['lguserid'] = intval($user->getId());
             $result['lgusername'] = $user->getName();
             $result['lgtoken'] = $user->getToken();
             $result['cookieprefix'] = $wgCookiePrefix;
             $result['sessionid'] = session_id();
             break;
         case LoginForm::NEED_TOKEN:
             $result['result'] = 'NeedToken';
             $result['token'] = $loginForm->getLoginToken();
             $result['cookieprefix'] = $wgCookiePrefix;
             $result['sessionid'] = session_id();
             break;
         case LoginForm::WRONG_TOKEN:
             $result['result'] = 'WrongToken';
             break;
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
         case LoginForm::RESET_PASS:
             // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;"
         // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;"
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         case LoginForm::CREATE_BLOCKED:
             $result['result'] = 'CreateBlocked';
             $result['details'] = 'Your IP address is blocked from account creation';
             break;
         case LoginForm::THROTTLED:
             $result['result'] = 'Throttled';
             $result['wait'] = intval($wgPasswordAttemptThrottle['seconds']);
             break;
         case LoginForm::USER_BLOCKED:
             $result['result'] = 'Blocked';
             break;
         case LoginForm::ABORTED:
             $result['result'] = 'Aborted';
             $result['reason'] = $loginForm->mAbortLoginErrorMsg;
             break;
         default:
             ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
     }
     $this->getResult()->addValue(null, 'login', $result);
 }
コード例 #3
0
 /**
  * Get a login token
  *
  * @return string loginToken
  */
 public static function getLoginToken()
 {
     if (!LoginForm::getLoginToken()) {
         // Init session if necessary
         if (session_id() == '') {
             wfSetupSession();
         }
         LoginForm::setLoginToken();
     }
     return LoginForm::getLoginToken();
 }
コード例 #4
0
 public function onSuccess()
 {
     if ($this->getUser()->isLoggedIn()) {
         $this->getOutput()->wrapWikiMsg("<div class=\"successbox\">\n\$1\n</div>", 'changepassword-success');
         $this->getOutput()->returnToMain();
     } else {
         $request = $this->getRequest();
         LoginForm::setLoginToken();
         $token = LoginForm::getLoginToken();
         $data = array('action' => 'submitlogin', 'wpName' => $this->mUserName, 'wpDomain' => $this->mDomain, 'wpLoginToken' => $token, 'wpPassword' => $request->getVal('wpNewPassword')) + $request->getValues('wpRemember', 'returnto', 'returntoquery');
         $login = new LoginForm(new DerivativeRequest($request, $data, true));
         $login->setContext($this->getContext());
         $login->execute(null);
     }
 }
コード例 #5
0
 function showForm()
 {
     global $wgCookieExpiration;
     $user = $this->getUser();
     if (!$this->mUserName) {
         $this->mUserName = $user->getName();
     }
     $rememberMe = '';
     if (!$user->isLoggedIn()) {
         $rememberMe = '<tr>' . '<td></td>' . '<td class="mw-input">' . Xml::checkLabel($this->msg('remembermypassword')->numParams(ceil($wgCookieExpiration / (3600 * 24)))->text(), 'wpRemember', 'wpRemember', $this->getRequest()->getCheck('wpRemember')) . '</td>' . '</tr>';
         $submitMsg = 'resetpass_submit';
         $oldpassMsg = 'resetpass-temp-password';
     } else {
         $oldpassMsg = 'oldpassword';
         $submitMsg = 'resetpass-submit-loggedin';
     }
     $loginOnChangeToken = '';
     if (!$user->isLoggedIn()) {
         $loginOnChangeToken = Html::hidden('wpLoginOnChangeToken', LoginForm::getLoginToken());
     }
     $this->getOutput()->addHTML(Xml::fieldset($this->msg('resetpass_header')->text()) . Xml::openElement('form', array('method' => 'post', 'action' => $this->getTitle()->getLocalUrl(), 'id' => 'mw-resetpass-form')) . "\n" . Html::hidden('token', $user->getEditToken()) . "\n" . Html::hidden('wpName', $this->mUserName) . "\n" . Html::hidden('wpDomain', $this->mDomain) . "\n" . Html::hidden('returnto', $this->getRequest()->getVal('returnto')) . "\n" . $loginOnChangeToken . $this->msg('resetpass_text')->parseAsBlock() . "\n" . Xml::openElement('table', array('id' => 'mw-resetpass-table')) . "\n" . $this->pretty(array(array('wpName', 'username', 'text', $this->mUserName), array('wpPassword', $oldpassMsg, 'password', $this->mOldpass), array('wpNewPassword', 'newpassword', 'password', null), array('wpRetype', 'retypenew', 'password', null))) . "\n" . $rememberMe . "<tr>\n" . "<td></td>\n" . '<td class="mw-input">' . Xml::submitButton($this->msg($submitMsg)->text()) . Xml::submitButton($this->msg('resetpass-submit-cancel')->text(), array('name' => 'wpCancel')) . "</td>\n" . "</tr>\n" . Xml::closeElement('table') . Xml::closeElement('form') . Xml::closeElement('fieldset') . "\n");
 }
コード例 #6
0
ファイル: ApiLogin.php プロジェクト: MediaWiki-stable/1.26.1
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  */
 public function execute()
 {
     // If we're in a mode that breaks the same-origin policy, no tokens can
     // be obtained
     if ($this->lacksSameOriginSecurity()) {
         $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied'));
         return;
     }
     $params = $this->extractRequestParams();
     $result = array();
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     $context = new DerivativeContext($this->getContext());
     $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => '')));
     $loginForm = new LoginForm();
     $loginForm->setContext($context);
     $authRes = $loginForm->authenticateUserData();
     switch ($authRes) {
         case LoginForm::SUCCESS:
             $user = $context->getUser();
             $this->getContext()->setUser($user);
             $user->setCookies($this->getRequest(), null, true);
             ApiQueryInfo::resetTokenCache();
             // Run hooks.
             // @todo FIXME: Split back and frontend from this hook.
             // @todo FIXME: This hook should be placed in the backend
             $injected_html = '';
             Hooks::run('UserLoginComplete', array(&$user, &$injected_html));
             $result['result'] = 'Success';
             $result['lguserid'] = intval($user->getId());
             $result['lgusername'] = $user->getName();
             $result['lgtoken'] = $user->getToken();
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = session_id();
             break;
         case LoginForm::NEED_TOKEN:
             $result['result'] = 'NeedToken';
             $result['token'] = $loginForm->getLoginToken();
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = session_id();
             break;
         case LoginForm::WRONG_TOKEN:
             $result['result'] = 'WrongToken';
             break;
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
             // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin:
             // The e-mailed temporary password should not be used for actual logins.
         // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin:
         // The e-mailed temporary password should not be used for actual logins.
         case LoginForm::RESET_PASS:
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         case LoginForm::CREATE_BLOCKED:
             $result['result'] = 'CreateBlocked';
             $result['details'] = 'Your IP address is blocked from account creation';
             $block = $context->getUser()->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::THROTTLED:
             $result['result'] = 'Throttled';
             $throttle = $this->getConfig()->get('PasswordAttemptThrottle');
             $result['wait'] = intval($throttle['seconds']);
             break;
         case LoginForm::USER_BLOCKED:
             $result['result'] = 'Blocked';
             $block = User::newFromName($params['name'])->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::ABORTED:
             $result['result'] = 'Aborted';
             $result['reason'] = $loginForm->mAbortLoginErrorMsg;
             break;
         default:
             ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
     }
     $this->getResult()->addValue(null, 'login', $result);
     LoggerFactory::getInstance('authmanager')->info('Login attempt', array('event' => 'login', 'successful' => $authRes === LoginForm::SUCCESS, 'status' => LoginForm::$statusCodes[$authRes]));
 }
コード例 #7
0
ファイル: ApiLogin.php プロジェクト: ruizrube/spdef
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  *
  * @access public
  */
 public function execute()
 {
     $params = $this->extractRequestParams();
     $result = array();
     $req = new FauxRequest(array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => ''));
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     $loginForm = new LoginForm($req);
     switch ($authRes = $loginForm->authenticateUserData()) {
         case LoginForm::SUCCESS:
             global $wgUser, $wgCookiePrefix;
             $wgUser->setOption('rememberpassword', 1);
             $wgUser->setCookies();
             // Run hooks. FIXME: split back and frontend from this hook.
             // FIXME: This hook should be placed in the backend
             $injected_html = '';
             wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
             $result['result'] = 'Success';
             $result['lguserid'] = intval($wgUser->getId());
             $result['lgusername'] = $wgUser->getName();
             $result['lgtoken'] = $wgUser->getToken();
             $result['cookieprefix'] = $wgCookiePrefix;
             $result['sessionid'] = session_id();
             break;
         case LoginForm::NEED_TOKEN:
             global $wgCookiePrefix;
             $result['result'] = 'NeedToken';
             $result['token'] = $loginForm->getLoginToken();
             $result['cookieprefix'] = $wgCookiePrefix;
             $result['sessionid'] = session_id();
             break;
         case LoginForm::WRONG_TOKEN:
             $result['result'] = 'WrongToken';
             break;
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         case LoginForm::CREATE_BLOCKED:
             $result['result'] = 'CreateBlocked';
             $result['details'] = 'Your IP address is blocked from account creation';
             break;
         case LoginForm::THROTTLED:
             global $wgPasswordAttemptThrottle;
             $result['result'] = 'Throttled';
             $result['wait'] = intval($wgPasswordAttemptThrottle['seconds']);
             break;
         default:
             ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
     }
     $this->getResult()->addValue(null, 'login', $result);
 }
コード例 #8
0
ファイル: ComboAjaxLogin.php プロジェクト: schwarer2006/wikia
 /**
  * Generates a template with the login form and registration form already filled into
  * it and other settings populated as well.  This template can then be executed with
  * different EasyTemplates to give different results such as one view for ajax dialogs
  * and one view for standalone pages (such as Special:Signup).
  */
 public static function getTemplateForCombinedForms($static = false, $lastmsg = "", &$ajaxLoginForm = "")
 {
     global $wgRequest;
     // Setup the data for the templates, similar to GetComboAjaxLogin.
     if (session_id() == '') {
         wfSetupSession();
     }
     // TODO: Invstigate why this was here.
     //if ($wgRequest->getCheck( 'wpCreateaccount' )) {
     //	return "error";
     //}
     $tmpl = new EasyTemplate(dirname(__FILE__) . '/templates/');
     $response = new AjaxResponse();
     $type = $wgRequest->getVal('type', '');
     if (!wfReadOnly()) {
         if (empty($ajaxLoginForm)) {
             $ajaxLoginForm = new AjaxLoginForm($wgRequest);
         }
         $ajaxLoginForm->execute($type);
         if (!empty($ajaxLoginForm->ajaxTemplate)) {
             $lastmsg = $ajaxLoginForm->ajaxTemplate->data['message'];
             $tmpl->set('message', $ajaxLoginForm->ajaxTemplate->data['message']);
             $tmpl->set('messagetype', $ajaxLoginForm->ajaxTemplate->data['messagetype']);
         }
         $tmpl->set("registerAjax", $ajaxLoginForm->ajaxRender());
     }
     $isReadOnly = wfReadOnly() ? 1 : 0;
     $tmpl->set("isReadOnly", $isReadOnly);
     if (!LoginForm::getLoginToken()) {
         LoginForm::setLoginToken();
     }
     $tmpl->set("loginToken", LoginForm::getLoginToken());
     if (!LoginForm::getCreateaccountToken()) {
         LoginForm::setCreateaccountToken();
     }
     $tmpl->set("createToken", LoginForm::getCreateaccountToken());
     // Use the existing settings to generate the login portion of the form, which will then
     // be fed back into the bigger template in this case (it is not always fed into ComboAjaxLogin template).
     $returnto = $wgRequest->getVal('returnto', '');
     if (!($returnto == '')) {
         $returnto = "&returnto=" . wfUrlencode($returnto);
     }
     $returntoquery = $wgRequest->getVal('returntoquery', '');
     if (!($returntoquery == '')) {
         $returntoquery = "&returntoquery=" . wfUrlencode($returntoquery);
     }
     $loginaction = Skin::makeSpecialUrl('Signup', "type=login&action=submitlogin" . $returnto . $returntoquery);
     $signupaction = Skin::makeSpecialUrl('Signup', "type=signup" . $returnto . $returntoquery);
     $tmpl->set("loginaction", $loginaction);
     $tmpl->set("signupaction", $signupaction);
     $tmpl->set("loginerror", $lastmsg);
     $tmpl->set("actiontype", $type);
     $tmpl->set("showRegister", false);
     $tmpl->set("showLogin", false);
     if ($static) {
         if (strtolower($type) == "login") {
             $tmpl->set("showLogin", true);
         } else {
             if (!$isReadOnly) {
                 $tmpl->set("showRegister", true);
             }
         }
     }
     $tmpl->set("ajaxLoginComponent", $tmpl->render('AjaxLoginComponent'));
     return $tmpl;
 }
コード例 #9
0
ファイル: ApiLogin.php プロジェクト: Gomyul/mediawiki
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  */
 public function execute()
 {
     // If we're in a mode that breaks the same-origin policy, no tokens can
     // be obtained
     if ($this->lacksSameOriginSecurity()) {
         $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied'));
         return;
     }
     $params = $this->extractRequestParams();
     $result = array();
     // Make sure session is persisted
     $session = MediaWiki\Session\SessionManager::getGlobalSession();
     $session->persist();
     // Make sure it's possible to log in
     if (!$session->canSetUser()) {
         $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when using ' . $session->getProvider()->describe(Language::factory('en'))));
         return;
     }
     $authRes = false;
     $context = new DerivativeContext($this->getContext());
     $loginType = 'N/A';
     // Check login token
     $token = LoginForm::getLoginToken();
     if (!$token) {
         LoginForm::setLoginToken();
         $authRes = LoginForm::NEED_TOKEN;
     } elseif (!$params['token']) {
         $authRes = LoginForm::NEED_TOKEN;
     } elseif ($token !== $params['token']) {
         $authRes = LoginForm::WRONG_TOKEN;
     }
     // Try bot passwords
     if ($authRes === false && $this->getConfig()->get('EnableBotPasswords') && strpos($params['name'], BotPassword::getSeparator()) !== false) {
         $status = BotPassword::login($params['name'], $params['password'], $this->getRequest());
         if ($status->isOk()) {
             $session = $status->getValue();
             $authRes = LoginForm::SUCCESS;
             $loginType = 'BotPassword';
         } else {
             LoggerFactory::getInstance('authmanager')->info('BotPassword login failed: ' . $status->getWikiText());
         }
     }
     // Normal login
     if ($authRes === false) {
         $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => '')));
         $loginForm = new LoginForm();
         $loginForm->setContext($context);
         $authRes = $loginForm->authenticateUserData();
         $loginType = 'LoginForm';
     }
     switch ($authRes) {
         case LoginForm::SUCCESS:
             $user = $context->getUser();
             $this->getContext()->setUser($user);
             $user->setCookies($this->getRequest(), null, true);
             ApiQueryInfo::resetTokenCache();
             // Run hooks.
             // @todo FIXME: Split back and frontend from this hook.
             // @todo FIXME: This hook should be placed in the backend
             $injected_html = '';
             Hooks::run('UserLoginComplete', array(&$user, &$injected_html));
             $result['result'] = 'Success';
             $result['lguserid'] = intval($user->getId());
             $result['lgusername'] = $user->getName();
             // @todo: These are deprecated, and should be removed at some
             // point (1.28 at the earliest, and see T121527). They were ok
             // when the core cookie-based login was the only thing, but
             // CentralAuth broke that a while back and
             // SessionManager/AuthManager are *really* going to break it.
             $result['lgtoken'] = $user->getToken();
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = $session->getId();
             break;
         case LoginForm::NEED_TOKEN:
             $result['result'] = 'NeedToken';
             $result['token'] = LoginForm::getLoginToken();
             // @todo: See above about deprecation
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = $session->getId();
             break;
         case LoginForm::WRONG_TOKEN:
             $result['result'] = 'WrongToken';
             break;
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
             // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin:
             // The e-mailed temporary password should not be used for actual logins.
         // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin:
         // The e-mailed temporary password should not be used for actual logins.
         case LoginForm::RESET_PASS:
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         case LoginForm::CREATE_BLOCKED:
             $result['result'] = 'CreateBlocked';
             $result['details'] = 'Your IP address is blocked from account creation';
             $block = $context->getUser()->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::THROTTLED:
             $result['result'] = 'Throttled';
             $throttle = $this->getConfig()->get('PasswordAttemptThrottle');
             $result['wait'] = intval($throttle['seconds']);
             break;
         case LoginForm::USER_BLOCKED:
             $result['result'] = 'Blocked';
             $block = User::newFromName($params['name'])->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::ABORTED:
             $result['result'] = 'Aborted';
             $result['reason'] = $loginForm->mAbortLoginErrorMsg;
             break;
         default:
             ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
     }
     $this->getResult()->addValue(null, 'login', $result);
     LoggerFactory::getInstance('authmanager')->info('Login attempt', array('event' => 'login', 'successful' => $authRes === LoginForm::SUCCESS, 'loginType' => $loginType, 'status' => LoginForm::$statusCodes[$authRes]));
 }
コード例 #10
0
/**
 * This hook is registered by the Auth_remoteuser constructor.  It will be
 * called on every page load.  It serves the function of automatically logging
 * in the user.  The Auth_remoteuser class is an AuthPlugin and handles the
 * actual authentication, user creation, etc.
 *
 * Details:
 * 1. Check to see if the user has a session and is not anonymous.  If this is
 *    true, check whether REMOTE_USER matches the session user.  If so, we can
 *    just return; otherwise we must logout the session user and login as the
 *    REMOTE_USER.
 * 2. If the user doesn't have a session, we create a login form with our own
 *    fake request and ask the form to authenticate the user.  If the user does
 *    not exist authenticateUserData will attempt to create one.  The login form
 *    uses our Auth_remoteuser class as an AuthPlugin.
 *
 * Note: If cookies are disabled, an infinite loop /might/ occur?
 */
function Auth_remote_user_hook()
{
    global $wgUser, $wgRequest, $wgAuthRemoteuserDomain, $wgAuth;
    // For a few special pages, don't do anything.
    $title = $wgRequest->getVal('title');
    if ($title == Title::makeName(NS_SPECIAL, 'UserLogout') || $title == Title::makeName(NS_SPECIAL, 'UserLogin')) {
        return;
    }
    // Process the username if required
    if (!isset($_SERVER['REMOTE_USER'])) {
        return;
    }
    if (isset($wgAuthRemoteuserDomain) && strlen($wgAuthRemoteuserDomain)) {
        $username = str_replace("{$wgAuthRemoteuserDomain}\\", "", $_SERVER['REMOTE_USER']);
        $username = str_replace("@{$wgAuthRemoteuserDomain}", "", $username);
    } else {
        $username = $_SERVER['REMOTE_USER'];
    }
    // Check for valid session
    $user = User::newFromSession();
    if (!$user->isAnon()) {
        if ($user->getName() == $wgAuth->getCanonicalName($username)) {
            return;
            // Correct user is already logged in.
        } else {
            $user->doLogout();
            // Logout mismatched user.
        }
    }
    // Copied from includes/SpecialUserlogin.php
    if (!isset($wgCommandLineMode) && !isset($_COOKIE[session_name()])) {
        wfSetupSession();
    }
    // If the login form returns NEED_TOKEN try once more with the right token
    $trycount = 0;
    $token = '';
    $errormessage = '';
    do {
        $tryagain = false;
        // Submit a fake login form to authenticate the user.
        $params = new FauxRequest(array('wpName' => $username, 'wpPassword' => '', 'wpDomain' => '', 'wpLoginToken' => $token, 'wpRemember' => ''));
        // Authenticate user data will automatically create new users.
        $loginForm = new LoginForm($params);
        $result = $loginForm->authenticateUserData();
        switch ($result) {
            case LoginForm::SUCCESS:
                $wgUser->setOption('rememberpassword', 1);
                $wgUser->setCookies();
                break;
            case LoginForm::NEED_TOKEN:
                $token = $loginForm->getLoginToken();
                $tryagain = $trycount == 0;
                break;
            case LoginForm::WRONG_TOKEN:
                $errormessage = 'WrongToken';
                break;
            case LoginForm::NO_NAME:
                $errormessage = 'NoName';
                break;
            case LoginForm::ILLEGAL:
                $errormessage = 'Illegal';
                break;
            case LoginForm::WRONG_PLUGIN_PASS:
                $errormessage = 'WrongPluginPass';
                break;
            case LoginForm::NOT_EXISTS:
                $errormessage = 'NotExists';
                break;
            case LoginForm::WRONG_PASS:
                $errormessage = 'WrongPass';
                break;
            case LoginForm::EMPTY_PASS:
                $errormessage = 'EmptyPass';
                break;
            default:
                $errormessage = 'Unknown';
                break;
        }
        if ($result != LoginForm::SUCCESS && $result != LoginForm::NEED_TOKEN) {
            error_log('Unexpected REMOTE_USER authentication failure. Login Error was:' . $errormessage);
        }
        $trycount++;
    } while ($tryagain);
    return;
}
コード例 #11
0
ファイル: Piggyback_body.php プロジェクト: Tjorriemorrie/app
 function render()
 {
     global $wgOut, $wgExtensionsPath;
     if (!LoginForm::getLoginToken()) {
         LoginForm::setLoginToken();
     }
     $this->templateData['loginToken'] = LoginForm::getLoginToken();
     $wgOut->addStyle("{$wgExtensionsPath}/wikia/Piggyback/Piggyback.css");
     $html = (new Wikia\Template\PHPEngine())->setData($this->templateData)->render(dirname(__FILE__) . '/templates/Piggyback_form.php');
     $wgOut->addHtml($html);
 }
コード例 #12
0
ファイル: FBConnectHooks.php プロジェクト: schwarer2006/wikia
 public static function afterAjaxLoginHTML(&$html)
 {
     $tmpl = new EasyTemplate(dirname(__FILE__) . '/templates/');
     if (!LoginForm::getLoginToken()) {
         LoginForm::setLoginToken();
     }
     $tmpl->set("loginToken", LoginForm::getLoginToken());
     $tmpl->set("fbButtton", FBConnect::getFBButton("sendToConnectOnLoginForSpecificForm();", "fbPrefsConnect"));
     $html = $tmpl->execute('ajaxLoginMerge');
     return true;
 }
コード例 #13
0
ファイル: ApiAjaxLogin.php プロジェクト: schwarer2006/wikia
 public function execute()
 {
     wfSetupSession();
     $Name = $Password = $Remember = $Loginattempt = $Mailmypassword = $Token = null;
     extract($this->extractRequestParams());
     if (!empty($Loginattempt)) {
         // Login attempt
         $params = new FauxRequest(array('wpName' => $Name, 'wpPassword' => $Password, 'wpRemember' => $Remember, 'wpLoginattempt' => $Loginattempt, 'wpLoginToken' => $Token));
         $result = array();
         $loginForm = new LoginForm($params);
         switch ($loginForm->authenticateUserData()) {
             case LoginForm::RESET_PASS:
                 $result['result'] = 'Reset';
                 break;
             case LoginForm::SUCCESS:
                 global $wgUser, $wgCookiePrefix;
                 $wgUser->setOption('rememberpassword', $Remember ? 1 : 0);
                 $wgUser->setCookies();
                 $result['result'] = 'Success';
                 $result['lguserid'] = intval($wgUser->getId());
                 $result['lgusername'] = $wgUser->getName();
                 $result['lgtoken'] = $wgUser->getToken();
                 $result['cookieprefix'] = $wgCookiePrefix;
                 $result['sessionid'] = session_id();
                 break;
             case LoginForm::NEED_TOKEN:
                 $result['result'] = 'NeedToken';
                 $result['token'] = $loginForm->getLoginToken();
                 $result['cookieprefix'] = $wgCookiePrefix;
                 $result['sessionid'] = session_id();
                 break;
             case LoginForm::WRONG_TOKEN:
                 $result['result'] = 'WrongToken';
                 break;
             case LoginForm::NO_NAME:
                 $result['result'] = 'NoName';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::ILLEGAL:
                 $result['result'] = 'Illegal';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::WRONG_PLUGIN_PASS:
                 $result['result'] = 'WrongPluginPass';
                 $result['text'] = wfMsg('wrongpassword');
                 break;
             case LoginForm::NOT_EXISTS:
                 $result['result'] = 'NotExists';
                 $result['text'] = wfMsg('al-nosuchuser', htmlspecialchars($Name));
                 break;
             case LoginForm::RESET_PASS:
             case LoginForm::WRONG_PASS:
                 $result['result'] = 'WrongPass';
                 $result['text'] = wfMsg('wrongpassword');
                 break;
             case LoginForm::EMPTY_PASS:
                 $result['result'] = 'EmptyPass';
                 $result['text'] = wfMsg('wrongpasswordempty');
                 break;
             case LoginForm::CREATE_BLOCKED:
                 $result['result'] = 'CreateBlocked';
                 $result['text'] = wfMsg('al-createblocked');
                 break;
             case LoginForm::THROTTLED:
                 global $wgPasswordAttemptThrottle, $wgLang;
                 $result['result'] = 'Throttled';
                 $result['text'] = wfMsgExt('al-throttled', 'parsemag', $wgLang->formatNum(intval($wgPasswordAttemptThrottle['seconds'])));
                 break;
             case LoginForm::USER_BLOCKED:
                 $result['result'] = 'Blocked';
                 break;
             default:
                 ApiBase::dieDebug(__METHOD__, 'Unhandled case value');
         }
         $dbw = wfGetDB(DB_MASTER);
         $dbw->commit();
         $this->getResult()->addValue(null, 'ajaxlogin', $result);
     } elseif (!empty($Mailmypassword)) {
         // Remind password attempt
         $params = new FauxRequest(array('wpName' => $Name));
         $result = array();
         $loginForm = new LoginForm($params);
         global $wgUser, $wgAuth;
         if (!$wgAuth->allowPasswordChange()) {
             $result['result'] = 'resetpass_forbidden';
             $result['text'] = wfMsg('resetpass_forbidden');
         } elseif ($wgUser->isBlocked()) {
             $result['result'] = 'blocked-mailpassword';
             $result['text'] = wfMsg('blocked-mailpassword');
         } elseif ('' == $loginForm->mName) {
             $result['result'] = 'noname';
             $result['text'] = wfMsg('noname');
         } else {
             $u = User::newFromName($loginForm->mName);
             if (is_null($u)) {
                 $result['result'] = 'noname';
                 $result['text'] = wfMsg('noname');
             } elseif (0 == $u->getID()) {
                 $result['result'] = 'nosuchuser';
                 $result['text'] = wfMsg('al-nosuchuser', $u->getName());
             } elseif ($u->isPasswordReminderThrottled()) {
                 global $wgPasswordReminderResendTime;
                 $result['result'] = 'throttled-mailpassword';
                 $result['text'] = wfMsg('throttled-mailpassword', round($wgPasswordReminderResendTime, 3));
             } else {
                 $res = $loginForm->mailPasswordInternal($u, true);
                 if (WikiError::isError($res)) {
                     $result['result'] = 'mailerror';
                     $result['text'] = wfMsg('mailerror', $res->getMessage());
                 } else {
                     $result['result'] = 'OK';
                     $result['text'] = wfMsg('passwordsent', $u->getName());
                 }
             }
         }
         $dbw = wfGetDB(DB_MASTER);
         $dbw->commit();
         $this->getResult()->addValue(null, 'ajaxlogin', $result);
     }
 }