diff options
| author | Tim Starling <tstarling@wikimedia.org> | 2022-03-24 10:24:38 +1100 |
|---|---|---|
| committer | Tim Starling <tstarling@wikimedia.org> | 2022-05-10 09:06:05 +1000 |
| commit | 5bac886e6ecb9c7ca1d13232f7cdba6d7737a38b (patch) | |
| tree | 3658656a62f33b96e1ab2aa3e5e1f76d4588b1f5 /includes/GlobalFunctions.php | |
| parent | e7573c0e5d27f385fb188490d70f13740d1d68b8 (diff) | |
| download | mediawikicore-5bac886e6ecb9c7ca1d13232f7cdba6d7737a38b.tar.gz mediawikicore-5bac886e6ecb9c7ca1d13232f7cdba6d7737a38b.zip | |
TempUser CentralAuth integration
Add a hook "TempUserCreatedRedirect" which allows an extension to modify
the post-save redirect after a temporary user is created. CentralAuth
will handle this hook in order to redirect to loginwiki. Loginwiki will
redirect back to the page being saved.
In LoginHelper::showReturnToPage add an "anchor" parameter to specify
the URL fragment to redirect to. This is intended for section editing
with a redirect via loginwiki.
In AuthManager::autoCreateUser(), just allow any valid username, don't
require it to be creatable. Previously a non-creatable username was
allowed only with $source=AUTOCREATE_SOURCE_TEMP, but CentralAuth
depends on user autocreation from the session during refreshCookies. The
session is already validated at this point, so it's not like a user can
exploit this to create arbitrary names.
Change-Id: I623330dbf5d0573c93ae22f962618d6ddbd126d9
Diffstat (limited to 'includes/GlobalFunctions.php')
0 files changed, 0 insertions, 0 deletions