includes/api/ApiResetPassword.php

   1 <?php
   2 /**
   3  * Copyright © 2016 Brad Jorsch <bjorsch@wikimedia.org>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  */
  22
  23 use MediaWiki\Auth\AuthManager;
  24
  25 /**
  26  * Reset password, with AuthManager
  27  *
  28  * @ingroup API
  29  */
  30 class ApiResetPassword extends ApiBase {
  31
  32         private $hasAnyRoutes = null;
  33
  34         /**
  35          * Determine whether any reset routes are available.
  36          * @return bool
  37          */
  38         private function hasAnyRoutes() {
  39                 if ( $this->hasAnyRoutes === null ) {
  40                         $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
  41                         $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
  42                 }
  43                 return $this->hasAnyRoutes;
  44         }
  45
  46         protected function getDescriptionMessage() {
  47                 if ( !$this->hasAnyRoutes() ) {
  48                         return 'apihelp-resetpassword-description-noroutes';
  49                 }
  50                 return parent::getDescriptionMessage();
  51         }
  52
  53         public function execute() {
  54                 if ( !$this->hasAnyRoutes() ) {
  55                         $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
  56                 }
  57
  58                 $params = $this->extractRequestParams() + [
  59                         // Make sure the keys exist even if getAllowedParams didn't define them
  60                         'user' => null,
  61                         'email' => null,
  62                 ];
  63
  64                 $this->requireOnlyOneParameter( $params, 'user', 'email' );
  65
  66                 $passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
  67
  68                 $status = $passwordReset->isAllowed( $this->getUser() );
  69                 if ( !$status->isOK() ) {
  70                         $this->dieStatus( Status::wrap( $status ) );
  71                 }
  72
  73                 $status = $passwordReset->execute(
  74                         $this->getUser(), $params['user'], $params['email']
  75                 );
  76                 if ( !$status->isOK() ) {
  77                         $status->value = null;
  78                         $this->dieStatus( Status::wrap( $status ) );
  79                 }
  80
  81                 $result = $this->getResult();
  82                 $result->addValue( [ 'resetpassword' ], 'status', 'success' );
  83         }
  84
  85         public function isWriteMode() {
  86                 return $this->hasAnyRoutes();
  87         }
  88
  89         public function needsToken() {
  90                 if ( !$this->hasAnyRoutes() ) {
  91                         return false;
  92                 }
  93                 return 'csrf';
  94         }
  95
  96         public function getAllowedParams() {
  97                 if ( !$this->hasAnyRoutes() ) {
  98                         return [];
  99                 }
 100
 101                 $ret = [
 102                         'user' => [
 103                                 ApiBase::PARAM_TYPE => 'user',
 104                         ],
 105                         'email' => [
 106                                 ApiBase::PARAM_TYPE => 'string',
 107                         ],
 108                 ];
 109
 110                 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
 111                 if ( empty( $resetRoutes['username'] ) ) {
 112                         unset( $ret['user'] );
 113                 }
 114                 if ( empty( $resetRoutes['email'] ) ) {
 115                         unset( $ret['email'] );
 116                 }
 117
 118                 return $ret;
 119         }
 120
 121         protected function getExamplesMessages() {
 122                 $ret = [];
 123                 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
 124
 125                 if ( !empty( $resetRoutes['username'] ) ) {
 126                         $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
 127                 }
 128                 if ( !empty( $resetRoutes['email'] ) ) {
 129                         $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
 130                                 'apihelp-resetpassword-example-email';
 131                 }
 132
 133                 return $ret;
 134         }
 135
 136         public function getHelpUrls() {
 137                 return 'https://www.mediawiki.org/wiki/API:Manage_authentication_data';
 138         }
 139 }