View previous topic :: View next topic |
coder1
Joined: 25 Apr 2012 Posts: 4
|
Posted: Fri May 04, 2012 1:47 am Post subject: automated login for mediawiki 1.18.2 in php [solved+code] |
|
|
|
i dont have a website so i'd like to share my code here, no warranty given and you might want to add some more error handling/messages, hf:
Code: |
function do_post_request($url, $data, $optional_headers = null) {
$params = array('http' => array(
'method' => 'POST',
'content' => $data));
if ($optional_headers !== null) {
$params['http']['header'] = $optional_headers;
}
$ctx = stream_context_create($params);
if (!$fp = @fopen($url, 'r', false, $ctx)) return FALSE;
$response = @stream_get_contents($fp);
return $response;
}
function mediawiki_login($username, $password) {
/*
* STEP 1: request mediawiki login via api
*/
$url='/wiki/api.php'; // EDIT THIS TO POINT TO YOUR WIKI API!
$data=http_build_query(array('format'=>'json',
'action' =>'login',
'lgname' =>$username,
'lgpassword'=>$password));
$headers="Content-type: application/x-www-form-urlencoded\r\n".
"Content-length: ".strlen($data)."\r\n".
"Connection: close\r\n";
$contents=do_post_request($url, $data, $headers);
if ($contents===FALSE) return FALSE;
$mwdata = json_decode($contents, true);
// check if the api answers as expected
if($mwdata["login"]["result"] != "NeedToken"){
return FALSE;
}
$token= $mwdata['login']['token'];
$cookieprefix= $mwdata['login']['cookieprefix'];
$sessionid= $mwdata['login']['sessionid'];
/*
* STEP 2: send token using sessionid cookie
*/
$data=http_build_query(array('format'=>'json',
'action' =>'login',
'lgname' =>$username,
'lgpassword'=>$password,
'lgtoken' => $token));
$headers="Content-type: application/x-www-form-urlencoded\r\n".
"Content-length: ".strlen($data)."\r\n".
"Cookie: ".$cookieprefix."_session=".$sessionid."\r\n".
"Connection: close\r\n";
$contents=do_post_request($url, $data, $headers);
if ($contents===FALSE) return FALSE;
$mwdata = json_decode($contents, true);
if($mwdata["login"]["result"] != "Success") return FALSE;
// login success, set the mediawiki cookies
$cookieprefix= $mwdata['login']['cookieprefix'];
$sessionid= $mwdata['login']['sessionid'];
$userid= $mwdata['login']['lguserid'];
$username= $mwdata['login']['lgusername'];
setcookie($cookieprefix.'UserID', $userid, 0, '/', '.yourdomain.tld', FALSE, TRUE); // INSERT YOUR DOMAIN
setcookie($cookieprefix.'UserName', $username, 0, '/', '.yourdomain.tld', FALSE, TRUE);
setcookie($cookieprefix.'_session', $sessionid, 0, '/', '.yourdomain.tld', FALSE, TRUE);
return TRUE;
}
|
Edit: forgot to replace some global variables that i used
Last edited by coder1 on Sat May 26, 2012 2:13 am; edited 3 times in total |
|
Back to top |
|
|
coder1
Joined: 25 Apr 2012 Posts: 4
|
Posted: Fri May 04, 2012 1:48 am Post subject: |
|
|
|
btw, this does not replace the auth plugin. it does work well together with auth plugin, though. |
|
Back to top |
|
|
root Site Admin
Joined: 24 Jun 2005 Posts: 471
|
Posted: Tue May 08, 2012 10:40 am Post subject: |
|
|
|
Thanks coder1,
What file does this code go into/replace?
I see the two methods but I do not see anything that talks about the callers. So how do you suggest people implement this into their site? |
|
Back to top |
|
|
root Site Admin
Joined: 24 Jun 2005 Posts: 471
|
Posted: Tue May 08, 2012 10:48 am Post subject: |
|
|
|
I wonder if you can call the login command on api.php directly so you do not have to do another http request.
Although your method does solve the name space issue that kept me from doing a true single sign on (SSO) solution. |
|
Back to top |
|
|
coder1
Joined: 25 Apr 2012 Posts: 4
|
Posted: Sat May 26, 2012 2:10 am Post subject: |
|
|
|
the code can reside in any file in your website, it's pretty much standalone, just call mediawiki_login() when a user has authenticated.
i think the general idea in an api is to use its interface and not call functions inside of its modules, but it probably could save you from doing post requests.
on the other hand, you will most likely have to change your code once the api code changes, while when doing post requests, you will only have to work on it again when the api interface changes.
greetings, c1 |
|
Back to top |
|
|
blak3r
Joined: 30 Apr 2013 Posts: 1
|
Posted: Tue Apr 30, 2013 9:41 pm Post subject: |
|
|
|
@coder1 Thanks for the code. Looks like it's gonna do the trick for me.
Pretty cool I didn't have to hack around with any plugins for mediawiki to get my SSO working. |
|
Back to top |
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
alexisBlue v1.2 // Theme Created By: Andrew Charron and Web Hosting Bluebook
|