the text before diffing it.
* Deprecated formats dbg, txt, and yaml have been removed.
* (T47988) The protect log event details now use new-style formatting.
+* The following response properties from action=login are deprecated, and may
+ be removed in the future: lgtoken, cookieprefix, sessionid. Clients should
+ handle cookies to properly manage session state.
=== Action API internal changes in 1.27 ===
* ApiQueryORM removed.
$result['result'] = 'Success';
$result['lguserid'] = intval( $user->getId() );
$result['lgusername'] = $user->getName();
+
+ // @todo: These are deprecated, and should be removed at some
+ // point (1.28 at the earliest, and see T121527). They were ok
+ // when the core cookie-based login was the only thing, but
+ // CentralAuth broke that a while back and
+ // SessionManager/AuthManager are *really* going to break it.
$result['lgtoken'] = $user->getToken();
$result['cookieprefix'] = $this->getConfig()->get( 'CookiePrefix' );
$result['sessionid'] = session_id();
case LoginForm::NEED_TOKEN:
$result['result'] = 'NeedToken';
$result['token'] = $loginForm->getLoginToken();
+
+ // @todo: See above about deprecation
$result['cookieprefix'] = $this->getConfig()->get( 'CookiePrefix' );
$result['sessionid'] = session_id();
break;