00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027 if (!defined('MEDIAWIKI')) {
00028
00029 require_once ('ApiBase.php');
00030 }
00031
00037 class ApiLogin extends ApiBase {
00038
00039 public function __construct($main, $action) {
00040 parent :: __construct($main, $action, 'lg');
00041 }
00042
00054 public function execute() {
00055 $params = $this->extractRequestParams();
00056
00057 $result = array ();
00058
00059 $req = new FauxRequest(array (
00060 'wpName' => $params['name'],
00061 'wpPassword' => $params['password'],
00062 'wpDomain' => $params['domain'],
00063 'wpLoginToken' => $params['token'],
00064 'wpRemember' => ''
00065 ));
00066
00067
00068 if( session_id() == '' ) {
00069 wfSetupSession();
00070 }
00071
00072 $loginForm = new LoginForm($req);
00073 switch ($authRes = $loginForm->authenticateUserData()) {
00074 case LoginForm :: SUCCESS :
00075 global $wgUser, $wgCookiePrefix;
00076
00077 $wgUser->setOption('rememberpassword', 1);
00078 $wgUser->setCookies();
00079
00080
00081
00082 $injected_html = '';
00083 wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
00084
00085 $result['result'] = 'Success';
00086 $result['lguserid'] = intval($wgUser->getId());
00087 $result['lgusername'] = $wgUser->getName();
00088 $result['lgtoken'] = $wgUser->getToken();
00089 $result['cookieprefix'] = $wgCookiePrefix;
00090 $result['sessionid'] = session_id();
00091 break;
00092
00093 case LoginForm::NEED_TOKEN:
00094 $result['result'] = 'NeedToken';
00095 $result['token'] = $loginForm->getLoginToken();
00096 break;
00097
00098 case LoginForm::WRONG_TOKEN:
00099 $result['result'] = 'WrongToken';
00100 break;
00101
00102 case LoginForm :: NO_NAME :
00103 $result['result'] = 'NoName';
00104 break;
00105 case LoginForm :: ILLEGAL :
00106 $result['result'] = 'Illegal';
00107 break;
00108 case LoginForm :: WRONG_PLUGIN_PASS :
00109 $result['result'] = 'WrongPluginPass';
00110 break;
00111 case LoginForm :: NOT_EXISTS :
00112 $result['result'] = 'NotExists';
00113 break;
00114 case LoginForm :: WRONG_PASS :
00115 $result['result'] = 'WrongPass';
00116 break;
00117 case LoginForm :: EMPTY_PASS :
00118 $result['result'] = 'EmptyPass';
00119 break;
00120 case LoginForm :: CREATE_BLOCKED :
00121 $result['result'] = 'CreateBlocked';
00122 $result['details'] = 'Your IP address is blocked from account creation';
00123 break;
00124 case LoginForm :: THROTTLED :
00125 global $wgPasswordAttemptThrottle;
00126 $result['result'] = 'Throttled';
00127 $result['wait'] = intval($wgPasswordAttemptThrottle['seconds']);
00128 break;
00129 default :
00130 ApiBase :: dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
00131 }
00132
00133 $this->getResult()->addValue(null, 'login', $result);
00134 }
00135
00136 public function mustBePosted() { return true; }
00137
00138 public function isReadMode() {
00139 return false;
00140 }
00141
00142 public function getAllowedParams() {
00143 return array (
00144 'name' => null,
00145 'password' => null,
00146 'domain' => null,
00147 'token' => null,
00148 );
00149 }
00150
00151 public function getParamDescription() {
00152 return array (
00153 'name' => 'User Name',
00154 'password' => 'Password',
00155 'domain' => 'Domain (optional)',
00156 'token' => 'Login token obtained in first request',
00157 );
00158 }
00159
00160 public function getDescription() {
00161 return array (
00162 'This module is used to login and get the authentication tokens. ',
00163 'In the event of a successful log-in, a cookie will be attached',
00164 'to your session. In the event of a failed log-in, you will not ',
00165 'be able to attempt another log-in through this method for 5 seconds.',
00166 'This is to prevent password guessing by automated password crackers.'
00167 );
00168 }
00169
00170 protected function getExamples() {
00171 return array(
00172 'api.php?action=login&lgname=user&lgpassword=password'
00173 );
00174 }
00175
00176 public function getVersion() {
00177 return __CLASS__ . ': $Id: ApiLogin.php 64680 2010-04-07 00:13:46Z tstarling $';
00178 }
00179 }