From 36ec0c6984cf284a5d5f661f17cc68c37a7f223d Mon Sep 17 00:00:00 2001 From: "James D. Forrester" Date: Thu, 13 Sep 2018 15:20:11 -0700 Subject: [PATCH] Drop six authentication-related hooks, deprecated in 1.27 AbortAutoAccount, AbortNewAccount, AbortLogin, LoginUserMigrated, UserCreateForm, and UserLoginForm are all unused in Wikimedia production and rare in other extensions. This also scraps the FakeAuthTemplate and LoginForm classes and the occasional remainig references thereto. Bug: T193755 Change-Id: I24d6fa963f402d4311fa00fc11536a37ee3bd31e --- RELEASE-NOTES-1.33 | 6 + autoload.php | 2 - docs/hooks.txt | 43 -- includes/exception/UserNotLoggedIn.php | 5 +- .../specialpage/LoginSignupSpecialPage.php | 413 +----------------- 5 files changed, 11 insertions(+), 458 deletions(-) diff --git a/RELEASE-NOTES-1.33 b/RELEASE-NOTES-1.33 index e7ada4cc95..39e288d20c 100644 --- a/RELEASE-NOTES-1.33 +++ b/RELEASE-NOTES-1.33 @@ -89,6 +89,12 @@ because of Phabricator reports. Additionally, the 'APIGetDescription' and 'APIGetParamDescription' hooks have been removed, as their only use was to let extensions override values returned by getDescription() and getParamDescription(), respectively. +* The authentication hooks 'AbortAutoAccount' 'AbortNewAccount', 'AbortLogin', + 'LoginUserMigrated', 'UserCreateForm', and 'UserLoginForm', all deprecated by + the creation of AuthManager in 1.27, have been removed. This also means that + the FakeAuthTemplate and LoginForm classes are removed, that FakeAuthTemplate + is no longer passed into LoginSignupSpecialPage->getFieldDefinitions(), and + that LoginSignupSpecialPage->getBCFieldDefinitions() is removed. * … === Deprecations in 1.33 === diff --git a/autoload.php b/autoload.php index 6df039c0cf..2518a04ebb 100644 --- a/autoload.php +++ b/autoload.php @@ -491,7 +491,6 @@ $wgAutoloadLocalClasses = [ 'FSFileBackendList' => __DIR__ . '/includes/libs/filebackend/FSFileBackend.php', 'FSFileOpHandle' => __DIR__ . '/includes/libs/filebackend/FSFileBackend.php', 'FSLockManager' => __DIR__ . '/includes/libs/lockmanager/FSLockManager.php', - 'FakeAuthTemplate' => __DIR__ . '/includes/specialpage/LoginSignupSpecialPage.php', 'FakeConverter' => __DIR__ . '/languages/FakeConverter.php', 'FakeMaintenance' => __DIR__ . '/maintenance/Maintenance.php', 'FakeResultWrapper' => __DIR__ . '/includes/libs/rdbms/database/resultwrapper/FakeResultWrapper.php', @@ -808,7 +807,6 @@ $wgAutoloadLocalClasses = [ 'LogPager' => __DIR__ . '/includes/logging/LogPager.php', 'LoggedOutEditToken' => __DIR__ . '/includes/user/LoggedOutEditToken.php', 'LoggedUpdateMaintenance' => __DIR__ . '/maintenance/Maintenance.php', - 'LoginForm' => __DIR__ . '/includes/specialpage/LoginSignupSpecialPage.php', 'LoginHelper' => __DIR__ . '/includes/specials/helpers/LoginHelper.php', 'LoginSignupSpecialPage' => __DIR__ . '/includes/specialpage/LoginSignupSpecialPage.php', 'LonelyPagesPage' => __DIR__ . '/includes/specials/SpecialLonelypages.php', diff --git a/docs/hooks.txt b/docs/hooks.txt index 5afd6fbf39..66967e0b37 100644 --- a/docs/hooks.txt +++ b/docs/hooks.txt @@ -240,13 +240,6 @@ MediaWiki 1.4rc1. This is a list of known events and parameters; please add to it if you're going to add events to the MediaWiki code. -'AbortAutoAccount': DEPRECATED since 1.27! Create a PreAuthenticationProvider -instead. Return false to cancel automated local account creation, where normally -authentication against an external auth plugin would be creating a local -account. -$user: the User object about to be created (read-only, incomplete) -&$abortMsg: out parameter: name of error message to be displayed to user - 'AbortAutoblock': Return false to cancel an autoblock. $autoblockip: The IP going to be autoblocked. &$block: The block from which the autoblock is coming. @@ -259,25 +252,6 @@ $editor: The User who made the change. $title: The Title of the page that was edited. $rc: The current RecentChange object. -'AbortLogin': DEPRECATED since 1.27! Create a PreAuthenticationProvider instead. -Return false to cancel account login. -$user: the User object being authenticated against -$password: the password being submitted, not yet checked for validity -&$retval: a LoginForm class constant to return from authenticateUserData(); - default is LoginForm::ABORTED. Note that the client may be using a machine - API rather than the HTML user interface. -&$msg: the message identifier for abort reason (new in 1.18, not available - before 1.18) - -'AbortNewAccount': DEPRECATED since 1.27! Create a PreAuthenticationProvider -instead. Return false to cancel explicit account creation. -$user: the User object about to be created (read-only, incomplete) -&$msg: out parameter: HTML to display on abort -&$status: out parameter: Status object to return, replaces the older $msg param - (added in 1.23) - Create the object with Status::newFatal() to ensure proper API error - messages are returned when creating account through API clients. - 'AbortTalkPageEmailNotification': Return false to cancel talk page email notification $targetUser: the user whom to send talk page email notification @@ -2224,15 +2198,6 @@ in LoginForm::$validErrorMessages). &$messages: Already added messages (inclusive messages from LoginForm::$validErrorMessages) -'LoginUserMigrated': DEPRECATED since 1.27! Create a PreAuthenticationProvider -instead. Called during login to allow extensions the opportunity to inform a -user that their username doesn't exist for a specific reason, instead of letting -the login form give the generic error message that the account does not exist. -For example, when the account has been renamed or deleted. -$user: the User object being authenticated against. -&$msg: the message identifier for abort reason, or an array to pass a message - key and parameters. - 'LogLine': Processes a single log entry on Special:Log. $log_type: string for the type of log entry (e.g. 'move'). Corresponds to logging.log_type database field. @@ -3682,10 +3647,6 @@ messages!" message, return false to not delete it. &$user: User (object) that will clear the message $oldid: ID of the talk page revision being viewed (0 means the most recent one) -'UserCreateForm': DEPRECATED since 1.27! Create an AuthenticationProvider -instead. Manipulate the login form. -&$template: SimpleTemplate instance for the form - 'UserEffectiveGroups': Called in User::getEffectiveGroups(). &$user: User to get groups for &$groups: Current effective groups @@ -3804,10 +3765,6 @@ $direct: (bool) The hook is called directly after a successful login. This will only happen once per login. A UserLoginComplete call with direct=false can happen when the user visits the login page while already logged in. -'UserLoginForm': DEPRECATED since 1.27! Create an AuthenticationProvider -instead. Manipulate the login form. -&$template: QuickTemplate instance for the form - 'UserLogout': Before a user logs out. &$user: the user object that is about to be logged out diff --git a/includes/exception/UserNotLoggedIn.php b/includes/exception/UserNotLoggedIn.php index 6086d559f5..7a99765e9c 100644 --- a/includes/exception/UserNotLoggedIn.php +++ b/includes/exception/UserNotLoggedIn.php @@ -53,9 +53,8 @@ class UserNotLoggedIn extends ErrorPageError { /** - * @note The value of the $reasonMsg parameter must be put into LoginForm::validErrorMessages or - * set with the LoginFormValidErrorMessages Hook. - * if you want the user to be automatically redirected to the login form. + * @note The value of the $reasonMsg parameter must be set with the LoginFormValidErrorMessages + * hook if you want the user to be automatically redirected to the login form. * * @param string $reasonMsg A message key containing the reason for the error. * Optional, default: 'exception-nologin-text' diff --git a/includes/specialpage/LoginSignupSpecialPage.php b/includes/specialpage/LoginSignupSpecialPage.php index eb2259ec42..48dd405a13 100644 --- a/includes/specialpage/LoginSignupSpecialPage.php +++ b/includes/specialpage/LoginSignupSpecialPage.php @@ -24,7 +24,6 @@ use MediaWiki\Auth\AuthenticationRequest; use MediaWiki\Auth\AuthenticationResponse; use MediaWiki\Auth\AuthManager; -use MediaWiki\Auth\Throttler; use MediaWiki\Logger\LoggerFactory; use MediaWiki\MediaWikiServices; use MediaWiki\Session\SessionManager; @@ -63,9 +62,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { /** @var HTMLForm */ protected $authForm; - /** @var FakeAuthTemplate */ - protected $fakeTemplate; - abstract protected function isSignup(); /** @@ -662,8 +658,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { // get basic form description from the auth logic $fieldInfo = AuthenticationRequest::mergeFieldInfo( $requests ); - $fakeTemplate = $this->getFakeTemplate( $msg, $msgType ); - $this->fakeTemplate = $fakeTemplate; // FIXME there should be a saner way to pass this to the hook // this will call onAuthChangeFormFields() $formDescriptor = static::fieldInfoToFormDescriptor( $requests, $fieldInfo, $this->authAction ); $this->postProcessFormDescriptor( $formDescriptor, $requests ); @@ -704,161 +698,23 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { return $form; } - /** - * Temporary B/C method to handle extensions using the UserLoginForm/UserCreateForm hooks. - * @param string|Message $msg - * @param string $msgType - * @return FakeAuthTemplate - */ - protected function getFakeTemplate( $msg, $msgType ) { - global $wgAuth, $wgEnableEmail, $wgHiddenPrefs, $wgEmailConfirmToEdit, $wgEnableUserEmail, - $wgSecureLogin, $wgPasswordResetRoutes; - - // make a best effort to get the value of fields which used to be fixed in the old login - // template but now might or might not exist depending on what providers are used - $request = $this->getRequest(); - $data = (object)[ - 'mUsername' => $request->getText( 'wpName' ), - 'mPassword' => $request->getText( 'wpPassword' ), - 'mRetype' => $request->getText( 'wpRetype' ), - 'mEmail' => $request->getText( 'wpEmail' ), - 'mRealName' => $request->getText( 'wpRealName' ), - 'mDomain' => $request->getText( 'wpDomain' ), - 'mReason' => $request->getText( 'wpReason' ), - 'mRemember' => $request->getCheck( 'wpRemember' ), - ]; - - // Preserves a bunch of logic from the old code that was rewritten in getAuthForm(). - // There is no code reuse to make this easier to remove . - // If an extension tries to change any of these values, they are out of luck - we only - // actually use the domain/usedomain/domainnames, extraInput and extrafields keys. - - $titleObj = $this->getPageTitle(); - $user = $this->getUser(); - $template = new FakeAuthTemplate(); - - // Pre-fill username (if not creating an account, T46775). - if ( $data->mUsername == '' && $this->isSignup() ) { - if ( $user->isLoggedIn() ) { - $data->mUsername = $user->getName(); - } else { - $data->mUsername = $this->getRequest()->getSession()->suggestLoginUsername(); - } - } - - if ( $this->isSignup() ) { - // Must match number of benefits defined in messages - $template->set( 'benefitCount', 3 ); - - $q = 'action=submitlogin&type=signup'; - $linkq = 'type=login'; - } else { - $q = 'action=submitlogin&type=login'; - $linkq = 'type=signup'; - } - - if ( $this->mReturnTo !== '' ) { - $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo ); - if ( $this->mReturnToQuery !== '' ) { - $returnto .= '&returntoquery=' . - wfUrlencode( $this->mReturnToQuery ); - } - $q .= $returnto; - $linkq .= $returnto; - } - - # Don't show a "create account" link if the user can't. - if ( $this->showCreateAccountLink() ) { - # Pass any language selection on to the mode switch link - if ( $this->mLanguage ) { - $linkq .= '&uselang=' . urlencode( $this->mLanguage ); - } - // Supply URL, login template creates the button. - $template->set( 'createOrLoginHref', $titleObj->getLocalURL( $linkq ) ); - } else { - $template->set( 'link', '' ); - } - - $resetLink = $this->isSignup() - ? null - : is_array( $wgPasswordResetRoutes ) - && in_array( true, array_values( $wgPasswordResetRoutes ), true ); - - $template->set( 'header', '' ); - $template->set( 'formheader', '' ); - $template->set( 'skin', $this->getSkin() ); - - $template->set( 'name', $data->mUsername ); - $template->set( 'password', $data->mPassword ); - $template->set( 'retype', $data->mRetype ); - $template->set( 'createemailset', false ); // no easy way to get that from AuthManager - $template->set( 'email', $data->mEmail ); - $template->set( 'realname', $data->mRealName ); - $template->set( 'domain', $data->mDomain ); - $template->set( 'reason', $data->mReason ); - $template->set( 'remember', $data->mRemember ); - - $template->set( 'action', $titleObj->getLocalURL( $q ) ); - $template->set( 'message', $msg ); - $template->set( 'messagetype', $msgType ); - $template->set( 'createemail', $wgEnableEmail && $user->isLoggedIn() ); - $template->set( 'userealname', !in_array( 'realname', $wgHiddenPrefs, true ) ); - $template->set( 'useemail', $wgEnableEmail ); - $template->set( 'emailrequired', $wgEmailConfirmToEdit ); - $template->set( 'emailothers', $wgEnableUserEmail ); - $template->set( 'canreset', $wgAuth->allowPasswordChange() ); - $template->set( 'resetlink', $resetLink ); - $template->set( 'canremember', $request->getSession()->getProvider() - ->getRememberUserDuration() !== null ); - $template->set( 'usereason', $user->isLoggedIn() ); - $template->set( 'cansecurelogin', ( $wgSecureLogin ) ); - $template->set( 'stickhttps', (int)$this->mStickHTTPS ); - $template->set( 'loggedin', $user->isLoggedIn() ); - $template->set( 'loggedinuser', $user->getName() ); - $template->set( 'token', $this->getToken()->toString() ); - - $action = $this->isSignup() ? 'signup' : 'login'; - $wgAuth->modifyUITemplate( $template, $action ); - - $oldTemplate = $template; - - // Both Hooks::run are explicit here to make findHooks.php happy - if ( $this->isSignup() ) { - Hooks::run( 'UserCreateForm', [ &$template ], '1.27' ); - if ( $oldTemplate !== $template ) { - wfDeprecated( "reference in UserCreateForm hook", '1.27' ); - } - } else { - Hooks::run( 'UserLoginForm', [ &$template ], '1.27' ); - if ( $oldTemplate !== $template ) { - wfDeprecated( "reference in UserLoginForm hook", '1.27' ); - } - } - - return $template; - } - public function onAuthChangeFormFields( array $requests, array $fieldInfo, array &$formDescriptor, $action ) { - $coreFieldDescriptors = $this->getFieldDefinitions( $this->fakeTemplate ); - $specialFields = array_merge( [ 'extraInput' ], - array_keys( $this->fakeTemplate->getExtraInputDefinitions() ) ); + $coreFieldDescriptors = $this->getFieldDefinitions(); // keep the ordering from getCoreFieldDescriptors() where there is no explicit weight foreach ( $coreFieldDescriptors as $fieldName => $coreField ) { $requestField = $formDescriptor[$fieldName] ?? []; // remove everything that is not in the fieldinfo, is not marked as a supplemental field - // to something in the fieldinfo, is not B/C for the pre-AuthManager templates, - // and is not an info field or a submit button + // to something in the fieldinfo, and is not an info field or a submit button if ( !isset( $fieldInfo[$fieldName] ) && ( !isset( $coreField['baseField'] ) || !isset( $fieldInfo[$coreField['baseField']] ) ) - && !in_array( $fieldName, $specialFields, true ) && ( !isset( $coreField['type'] ) || !in_array( $coreField['type'], [ 'submit', 'info' ], true ) @@ -897,10 +753,9 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { /** * Create a HTMLForm descriptor for the core login fields. - * @param FakeAuthTemplate $template B/C data (not used but needed by getBCFieldDefinitions) * @return array */ - protected function getFieldDefinitions( $template ) { + protected function getFieldDefinitions() { global $wgEmailConfirmToEdit; $isLoggedIn = $this->getUser()->isLoggedIn(); @@ -1017,7 +872,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { 'size' => '20', 'placeholder-message' => 'createacct-reason-ph', ], - 'extrainput' => [], // placeholder for fields coming from the template 'createaccount' => [ // submit button 'type' => 'submit', @@ -1040,7 +894,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { 'placeholder-message' => 'userlogin-yourpassword-ph', ], 'domain' => [], - 'extrainput' => [], 'rememberMe' => [ // option for saving the user token to a cookie 'type' => 'check', @@ -1093,19 +946,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { // 'required' => true, ]; - if ( $template->get( 'header' ) || $template->get( 'formheader' ) ) { - // B/C for old extensions that haven't been converted to AuthManager (or have been - // but somebody is using the old version) and still use templates via the - // UserCreateForm/UserLoginForm hook. - // 'header' used by ConfirmEdit, ConfirmAccount, Persona, WikimediaIncubator, SemanticSignup - // 'formheader' used by MobileFrontend - $fieldDefinitions['header'] = [ - 'type' => 'info', - 'raw' => true, - 'default' => $template->get( 'header' ) ?: $template->get( 'formheader' ), - 'weight' => -110, - ]; - } if ( $this->mEntryError ) { $fieldDefinitions['entryError'] = [ 'type' => 'info', @@ -1189,38 +1029,6 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { } } - $fieldDefinitions = $this->getBCFieldDefinitions( $fieldDefinitions, $template ); - $fieldDefinitions = array_filter( $fieldDefinitions ); - - return $fieldDefinitions; - } - - /** - * Adds fields provided via the deprecated UserLoginForm / UserCreateForm hooks - * @param array $fieldDefinitions - * @param FakeAuthTemplate $template - * @return array - */ - protected function getBCFieldDefinitions( $fieldDefinitions, $template ) { - if ( $template->get( 'usedomain', false ) ) { - // TODO probably should be translated to the new domain notation in AuthManager - $fieldDefinitions['domain'] = [ - 'type' => 'select', - 'label-message' => 'yourdomainname', - 'options' => array_combine( $template->get( 'domainnames', [] ), - $template->get( 'domainnames', [] ) ), - 'default' => $template->get( 'domain', '' ), - 'name' => 'wpDomain', - // FIXME id => 'mw-user-domain-section' on the parent div - ]; - } - - // poor man's associative array_splice - $extraInputPos = array_search( 'extrainput', array_keys( $fieldDefinitions ), true ); - $fieldDefinitions = array_slice( $fieldDefinitions, 0, $extraInputPos, true ) - + $template->getExtraInputDefinitions() - + array_slice( $fieldDefinitions, $extraInputPos + 1, null, true ); - return $fieldDefinitions; } @@ -1380,218 +1188,3 @@ abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage { $this->addTabIndex( $formDescriptor ); } } - -/** - * B/C class to try handling login/signup template modifications even though login/signup does not - * actually happen through a template anymore. Just collects extra field definitions and allows - * some other class to do decide what to do with threm.. - * TODO find the right place for adding extra fields and kill this - */ -class FakeAuthTemplate extends BaseTemplate { - public function execute() { - throw new LogicException( 'not used' ); - } - - /** - * Extensions (AntiSpoof and TitleBlacklist) call this in response to - * UserCreateForm hook to add checkboxes to the create account form. - * @param string $name - * @param string $value - * @param string $type - * @param string $msg - * @param string|bool $helptext - */ - public function addInputItem( $name, $value, $type, $msg, $helptext = false ) { - // use the same indexes as UserCreateForm just in case someone adds an item manually - $this->data['extrainput'][] = [ - 'name' => $name, - 'value' => $value, - 'type' => $type, - 'msg' => $msg, - 'helptext' => $helptext, - ]; - } - - /** - * Turns addInputItem-style field definitions into HTMLForm field definitions. - * @return array - */ - public function getExtraInputDefinitions() { - $definitions = []; - - foreach ( $this->get( 'extrainput', [] ) as $field ) { - $definition = [ - 'type' => $field['type'] === 'checkbox' ? 'check' : $field['type'], - 'name' => $field['name'], - 'value' => $field['value'], - 'id' => $field['name'], - ]; - if ( $field['msg'] ) { - $definition['label-message'] = $this->getMsg( $field['msg'] ); - } - if ( $field['helptext'] ) { - $definition['help'] = $this->msgWiki( $field['helptext'] ); - } - - // the array key doesn't matter much when name is defined explicitly but - // let's try and follow HTMLForm conventions - $name = preg_replace( '/^wp(?=[A-Z])/', '', $field['name'] ); - $definitions[$name] = $definition; - } - - if ( $this->haveData( 'extrafields' ) ) { - $definitions['extrafields'] = [ - 'type' => 'info', - 'raw' => true, - 'default' => $this->get( 'extrafields' ), - ]; - } - - return $definitions; - } -} - -/** - * LoginForm as a special page has been replaced by SpecialUserLogin and SpecialCreateAccount, - * but some extensions called its public methods directly, so the class is retained as a - * B/C wrapper. Anything that used it before should use AuthManager instead. - */ -class LoginForm extends SpecialPage { - const SUCCESS = 0; - const NO_NAME = 1; - const ILLEGAL = 2; - const WRONG_PLUGIN_PASS = 3; - const NOT_EXISTS = 4; - const WRONG_PASS = 5; - const EMPTY_PASS = 6; - const RESET_PASS = 7; - const ABORTED = 8; - const CREATE_BLOCKED = 9; - const THROTTLED = 10; - const USER_BLOCKED = 11; - const NEED_TOKEN = 12; - const WRONG_TOKEN = 13; - const USER_MIGRATED = 14; - - public static $statusCodes = [ - self::SUCCESS => 'success', - self::NO_NAME => 'no_name', - self::ILLEGAL => 'illegal', - self::WRONG_PLUGIN_PASS => 'wrong_plugin_pass', - self::NOT_EXISTS => 'not_exists', - self::WRONG_PASS => 'wrong_pass', - self::EMPTY_PASS => 'empty_pass', - self::RESET_PASS => 'reset_pass', - self::ABORTED => 'aborted', - self::CREATE_BLOCKED => 'create_blocked', - self::THROTTLED => 'throttled', - self::USER_BLOCKED => 'user_blocked', - self::NEED_TOKEN => 'need_token', - self::WRONG_TOKEN => 'wrong_token', - self::USER_MIGRATED => 'user_migrated', - ]; - - /** - * @param WebRequest|null $request - */ - public function __construct( $request = null ) { - wfDeprecated( 'LoginForm', '1.27' ); - parent::__construct(); - } - - /** - * @deprecated since 1.27 - call LoginHelper::getValidErrorMessages instead. - * @return array - */ - public static function getValidErrorMessages() { - return LoginHelper::getValidErrorMessages(); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - * @param string $username - * @return array|false - */ - public static function incrementLoginThrottle( $username ) { - wfDeprecated( __METHOD__, "1.27" ); - global $wgRequest; - $username = User::getCanonicalName( $username, 'usable' ) ?: $username; - $throttler = new Throttler(); - return $throttler->increase( $username, $wgRequest->getIP(), __METHOD__ ); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - * @param string $username - * @return bool|int - */ - public static function incLoginThrottle( $username ) { - wfDeprecated( __METHOD__, "1.27" ); - $res = self::incrementLoginThrottle( $username ); - return is_array( $res ) ? true : 0; - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - * @param string $username - * @return void - */ - public static function clearLoginThrottle( $username ) { - wfDeprecated( __METHOD__, "1.27" ); - global $wgRequest; - $username = User::getCanonicalName( $username, 'usable' ) ?: $username; - $throttler = new Throttler(); - return $throttler->clear( $username, $wgRequest->getIP() ); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - */ - public static function getLoginToken() { - wfDeprecated( __METHOD__, '1.27' ); - global $wgRequest; - return $wgRequest->getSession()->getToken( '', 'login' )->toString(); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - */ - public static function setLoginToken() { - wfDeprecated( __METHOD__, '1.27' ); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - */ - public static function clearLoginToken() { - wfDeprecated( __METHOD__, '1.27' ); - global $wgRequest; - $wgRequest->getSession()->resetToken( 'login' ); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - * @return string - */ - public static function getCreateaccountToken() { - wfDeprecated( __METHOD__, '1.27' ); - global $wgRequest; - return $wgRequest->getSession()->getToken( '', 'createaccount' )->toString(); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - */ - public static function setCreateaccountToken() { - wfDeprecated( __METHOD__, '1.27' ); - } - - /** - * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead - */ - public static function clearCreateaccountToken() { - wfDeprecated( __METHOD__, '1.27' ); - global $wgRequest; - $wgRequest->getSession()->resetToken( 'createaccount' ); - } -} -- 2.20.1