From: Brad Jorsch Date: Thu, 2 Jun 2016 19:26:14 +0000 (-0400) Subject: AuthManager::setDefaultUserOptions and LoginForm::initUser shouldn't invalidate CA... X-Git-Tag: 1.31.0-rc.0~6726 X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_ecrire%28%22config_fonctions%22%2C%20%22image_process=%24process%22%29%20.%20%22?a=commitdiff_plain;h=50b6fb32fb5b63c09acb57452f115062c6639209;p=lhc%2Fweb%2Fwiklou.git AuthManager::setDefaultUserOptions and LoginForm::initUser shouldn't invalidate CA tokens We only want to set the local user_token when we create the local account. We don't want to invalidate all existing CentralAuth sessions for the user just because they happened to visit a new wiki and get an account auto-created. This might also fix T136853. It looks like what's going on there is that two jobs are both in this code path calling CentralAuth::resetAuthToken() at the same time, leading to a race and one fails the CAS check. Bug: T136834 Change-Id: I61b8253584a11a5b02f7ccb9efa0679cd2a822c6 --- diff --git a/includes/auth/AuthManager.php b/includes/auth/AuthManager.php index 9618761aa5..402ea968e8 100644 --- a/includes/auth/AuthManager.php +++ b/includes/auth/AuthManager.php @@ -2333,7 +2333,7 @@ class AuthManager implements LoggerAwareInterface { private function setDefaultUserOptions( User $user, $useContextLang ) { global $wgContLang; - \MediaWiki\Session\SessionManager::singleton()->invalidateSessionsForUser( $user ); + $user->setToken(); $lang = $useContextLang ? \RequestContext::getMain()->getLanguage() : $wgContLang; $user->setOption( 'language', $lang->getPreferredVariant() ); diff --git a/includes/specials/pre-authmanager/SpecialUserlogin.php b/includes/specials/pre-authmanager/SpecialUserlogin.php index 8935a490bb..951cb525d9 100644 --- a/includes/specials/pre-authmanager/SpecialUserlogin.php +++ b/includes/specials/pre-authmanager/SpecialUserlogin.php @@ -699,7 +699,7 @@ class LoginFormPreAuthManager extends SpecialPage { $u->setEmail( $this->mEmail ); $u->setRealName( $this->mRealName ); - SessionManager::singleton()->invalidateSessionsForUser( $u ); + $u->setToken(); Hooks::run( 'LocalUserCreated', [ $u, $autocreate ] ); $oldUser = $u;