Added release notes for 'ContentHandler::runLegacyHooks' removal
[mediawiki.git] / includes / api / ApiResetPassword.php
blobb5fa8ed859e0191243f55f58835bf471038035af
1 <?php
2 /**
3 * Copyright © 2016 Brad Jorsch <bjorsch@wikimedia.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
23 use MediaWiki\Auth\AuthManager;
25 /**
26 * Reset password, with AuthManager
28 * @ingroup API
30 class ApiResetPassword extends ApiBase {
32 private $hasAnyRoutes = null;
34 /**
35 * Determine whether any reset routes are available.
36 * @return bool
38 private function hasAnyRoutes() {
39 if ( $this->hasAnyRoutes === null ) {
40 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
41 $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
43 return $this->hasAnyRoutes;
46 protected function getDescriptionMessage() {
47 if ( !$this->hasAnyRoutes() ) {
48 return 'apihelp-resetpassword-description-noroutes';
50 return parent::getDescriptionMessage();
53 public function execute() {
54 if ( !$this->hasAnyRoutes() ) {
55 $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
58 $params = $this->extractRequestParams() + [
59 // Make sure the keys exist even if getAllowedParams didn't define them
60 'user' => null,
61 'email' => null,
64 $this->requireOnlyOneParameter( $params, 'user', 'email' );
66 $passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
68 $status = $passwordReset->isAllowed( $this->getUser() );
69 if ( !$status->isOK() ) {
70 $this->dieStatus( Status::wrap( $status ) );
73 $status = $passwordReset->execute(
74 $this->getUser(), $params['user'], $params['email']
76 if ( !$status->isOK() ) {
77 $status->value = null;
78 $this->dieStatus( Status::wrap( $status ) );
81 $result = $this->getResult();
82 $result->addValue( [ 'resetpassword' ], 'status', 'success' );
85 public function isWriteMode() {
86 return $this->hasAnyRoutes();
89 public function needsToken() {
90 if ( !$this->hasAnyRoutes() ) {
91 return false;
93 return 'csrf';
96 public function getAllowedParams() {
97 if ( !$this->hasAnyRoutes() ) {
98 return [];
101 $ret = [
102 'user' => [
103 ApiBase::PARAM_TYPE => 'user',
105 'email' => [
106 ApiBase::PARAM_TYPE => 'string',
110 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
111 if ( empty( $resetRoutes['username'] ) ) {
112 unset( $ret['user'] );
114 if ( empty( $resetRoutes['email'] ) ) {
115 unset( $ret['email'] );
118 return $ret;
121 protected function getExamplesMessages() {
122 $ret = [];
123 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
125 if ( !empty( $resetRoutes['username'] ) ) {
126 $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
128 if ( !empty( $resetRoutes['email'] ) ) {
129 $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
130 'apihelp-resetpassword-example-email';
133 return $ret;
136 public function getHelpUrls() {
137 return 'https://www.mediawiki.org/wiki/API:Manage_authentication_data';