From 00658d680007c63f02627bc18a56792db2999f34 Mon Sep 17 00:00:00 2001
From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Mon, 29 Feb 2016 12:12:17 -0500
Subject: [PATCH] Allow API action=logout with BotPasswords

Since login is handled specially, do the same for logout.

Bug: T128335
Change-Id: Ib3b12d7045449b5c44f5ff7d1ecfce14416e8400
---
 includes/api/ApiLogout.php | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/includes/api/ApiLogout.php b/includes/api/ApiLogout.php
index 2c3820848f..6a26e2e350 100644
--- a/includes/api/ApiLogout.php
+++ b/includes/api/ApiLogout.php
@@ -24,6 +24,8 @@
  * @file
  */
 
+use MediaWiki\Session\BotPasswordSessionProvider;
+
 /**
  * API module to allow users to log out of the wiki. API equivalent of
  * Special:Userlogout.
@@ -33,8 +35,15 @@
 class ApiLogout extends ApiBase {
 
 	public function execute() {
-		// Make sure it's possible to log out
 		$session = MediaWiki\Session\SessionManager::getGlobalSession();
+
+		// Handle bot password logout specially
+		if ( $session->getProvider() instanceof BotPasswordSessionProvider ) {
+			$session->unpersist();
+			return;
+		}
+
+		// Make sure it's possible to log out
 		if ( !$session->canSetUser() ) {
 			$this->dieUsage(
 				'Cannot log out when using ' .
-- 
2.20.1