00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027 if (!defined('MEDIAWIKI')) {
00028
00029 require_once ('ApiBase.php');
00030 }
00031
00037 class ApiLogin extends ApiBase {
00038
00039 public function __construct($main, $action) {
00040 parent :: __construct($main, $action, 'lg');
00041 }
00042
00054 public function execute() {
00055 $params = $this->extractRequestParams();
00056
00057 $result = array ();
00058
00059 $req = new FauxRequest(array (
00060 'wpName' => $params['name'],
00061 'wpPassword' => $params['password'],
00062 'wpDomain' => $params['domain'],
00063 'wpLoginToken' => $params['token'],
00064 'wpRemember' => ''
00065 ));
00066
00067
00068 if( session_id() == '' ) {
00069 wfSetupSession();
00070 }
00071
00072 $loginForm = new LoginForm($req);
00073 switch ($authRes = $loginForm->authenticateUserData()) {
00074 case LoginForm :: SUCCESS :
00075 global $wgUser, $wgCookiePrefix;
00076
00077 $wgUser->setOption('rememberpassword', 1);
00078 $wgUser->setCookies();
00079
00080
00081
00082 $injected_html = '';
00083 wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
00084
00085 $result['result'] = 'Success';
00086 $result['lguserid'] = intval($wgUser->getId());
00087 $result['lgusername'] = $wgUser->getName();
00088 $result['lgtoken'] = $wgUser->getToken();
00089 $result['cookieprefix'] = $wgCookiePrefix;
00090 $result['sessionid'] = session_id();
00091 break;
00092
00093 case LoginForm::NEED_TOKEN:
00094 global $wgCookiePrefix;
00095 $result['result'] = 'NeedToken';
00096 $result['token'] = $loginForm->getLoginToken();
00097 $result['cookieprefix'] = $wgCookiePrefix;
00098 $result['sessionid'] = session_id();
00099 break;
00100
00101 case LoginForm::WRONG_TOKEN:
00102 $result['result'] = 'WrongToken';
00103 break;
00104
00105 case LoginForm :: NO_NAME :
00106 $result['result'] = 'NoName';
00107 break;
00108 case LoginForm :: ILLEGAL :
00109 $result['result'] = 'Illegal';
00110 break;
00111 case LoginForm :: WRONG_PLUGIN_PASS :
00112 $result['result'] = 'WrongPluginPass';
00113 break;
00114 case LoginForm :: NOT_EXISTS :
00115 $result['result'] = 'NotExists';
00116 break;
00117 case LoginForm :: WRONG_PASS :
00118 $result['result'] = 'WrongPass';
00119 break;
00120 case LoginForm :: EMPTY_PASS :
00121 $result['result'] = 'EmptyPass';
00122 break;
00123 case LoginForm :: CREATE_BLOCKED :
00124 $result['result'] = 'CreateBlocked';
00125 $result['details'] = 'Your IP address is blocked from account creation';
00126 break;
00127 case LoginForm :: THROTTLED :
00128 global $wgPasswordAttemptThrottle;
00129 $result['result'] = 'Throttled';
00130 $result['wait'] = intval($wgPasswordAttemptThrottle['seconds']);
00131 break;
00132 default :
00133 ApiBase :: dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
00134 }
00135
00136 $this->getResult()->addValue(null, 'login', $result);
00137 }
00138
00139 public function mustBePosted() { return true; }
00140
00141 public function isReadMode() {
00142 return false;
00143 }
00144
00145 public function getAllowedParams() {
00146 return array (
00147 'name' => null,
00148 'password' => null,
00149 'domain' => null,
00150 'token' => null,
00151 );
00152 }
00153
00154 public function getParamDescription() {
00155 return array (
00156 'name' => 'User Name',
00157 'password' => 'Password',
00158 'domain' => 'Domain (optional)',
00159 'token' => 'Login token obtained in first request',
00160 );
00161 }
00162
00163 public function getDescription() {
00164 return array (
00165 'This module is used to login and get the authentication tokens. ',
00166 'In the event of a successful log-in, a cookie will be attached',
00167 'to your session. In the event of a failed log-in, you will not ',
00168 'be able to attempt another log-in through this method for 5 seconds.',
00169 'This is to prevent password guessing by automated password crackers.'
00170 );
00171 }
00172
00173 protected function getExamples() {
00174 return array(
00175 'api.php?action=login&lgname=user&lgpassword=password'
00176 );
00177 }
00178
00179 public function getVersion() {
00180 return __CLASS__ . ': $Id: ApiLogin.php 69990 2010-07-27 08:44:08Z tstarling $';
00181 }
00182 }