Allow API action=logout with BotPasswords

Since login is handled specially, do the same for logout.

Bug: T128335
Change-Id: Ib3b12d7045449b5c44f5ff7d1ecfce14416e8400

diff --git a/includes/api/ApiLogout.php b/includes/api/ApiLogout.php
index 2c38208..6a26e2e 100644 (file)
--- a/includes/api/ApiLogout.php
+++ b/includes/api/ApiLogout.php
@@ -24,6 +24,8 @@
  * @file
  */
 
+use MediaWiki\Session\BotPasswordSessionProvider;
+
 /**
  * API module to allow users to log out of the wiki. API equivalent of
  * Special:Userlogout.
@@ -33,8 +35,15 @@
 class ApiLogout extends ApiBase {
 
        public function execute() {
-               // Make sure it's possible to log out
                $session = MediaWiki\Session\SessionManager::getGlobalSession();
+
+               // Handle bot password logout specially
+               if ( $session->getProvider() instanceof BotPasswordSessionProvider ) {
+                       $session->unpersist();
+                       return;
+               }
+
+               // Make sure it's possible to log out
                if ( !$session->canSetUser() ) {
                        $this->dieUsage(
                                'Cannot log out when using ' .