3 * Implements Special:PasswordReset
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
21 * @ingroup SpecialPage
24 use MediaWiki\MediaWikiServices
;
27 * Special page for requesting a password reset email.
29 * Requires the TemporaryPasswordPrimaryAuthenticationProvider and the
30 * EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent
31 * functionality) to be enabled.
33 * @ingroup SpecialPage
35 class SpecialPasswordReset
extends FormSpecialPage
{
36 /** @var PasswordReset */
37 private $passwordReset = null;
45 * @var string $method Identifies which password reset field was specified by the user.
49 public function __construct() {
50 parent
::__construct( 'PasswordReset', 'editmyprivateinfo' );
53 private function getPasswordReset() {
54 if ( $this->passwordReset
=== null ) {
55 $this->passwordReset
= MediaWikiServices
::getInstance()->getPasswordReset();
57 return $this->passwordReset
;
60 public function doesWrites() {
64 public function userCanExecute( User
$user ) {
65 return $this->getPasswordReset()->isAllowed( $user )->isGood();
68 public function checkExecutePermissions( User
$user ) {
69 $status = Status
::wrap( $this->getPasswordReset()->isAllowed( $user ) );
70 if ( !$status->isGood() ) {
71 throw new ErrorPageError( 'internalerror', $status->getMessage() );
74 parent
::checkExecutePermissions( $user );
80 public function execute( $par ) {
81 $out = $this->getOutput();
82 $out->disallowUserJs();
83 parent
::execute( $par );
86 protected function getFormFields() {
87 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
89 if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
92 'default' => $this->getRequest()->getSession()->suggestLoginUsername(),
93 'label-message' => 'passwordreset-username',
96 if ( $this->getUser()->isLoggedIn() ) {
97 $a['Username']['default'] = $this->getUser()->getName();
101 if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
104 'label-message' => 'passwordreset-email',
111 protected function getDisplayFormat() {
115 public function alterForm( HTMLForm
$form ) {
116 $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
118 $form->setSubmitDestructive();
120 $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
123 if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
126 if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
130 $message = ( $i > 1 ) ?
'passwordreset-text-many' : 'passwordreset-text-one';
132 $form->setHeaderText( $this->msg( $message, $i )->parseAsBlock() );
133 $form->setSubmitTextMsg( 'mailmypassword' );
137 * Process the form. At this point we know that the user passes all the criteria in
138 * userCanExecute(), and if the data array contains 'Username', etc, then Username
139 * resets are allowed.
141 * @throws MWException
142 * @throws ThrottledError|PermissionsError
145 public function onSubmit( array $data ) {
146 $username = $data['Username'] ??
null;
147 $email = $data['Email'] ??
null;
149 $this->method
= $username ?
'username' : 'email';
150 $this->result
= Status
::wrap(
151 $this->getPasswordReset()->execute( $this->getUser(), $username, $email ) );
153 if ( $this->result
->hasMessage( 'actionthrottledtext' ) ) {
154 throw new ThrottledError
;
157 return $this->result
;
160 public function onSuccess() {
161 if ( $this->method
=== 'email' ) {
162 $this->getOutput()->addWikiMsg( 'passwordreset-emailsentemail' );
164 $this->getOutput()->addWikiMsg( 'passwordreset-emailsentusername' );
167 $this->getOutput()->returnToMain();
171 * Hide the password reset page if resets are disabled.
174 public function isListed() {
175 if ( $this->getPasswordReset()->isAllowed( $this->getUser() )->isGood() ) {
176 return parent
::isListed();
182 protected function getGroupName() {