Parent5446 has uploaded a new change for review. https://gerrit.wikimedia.org/r/213764
Change subject: Allow for using separate database for OATH creds ...................................................................... Allow for using separate database for OATH creds Add configuration variable for specifying what database the OATH credentials are stored in, that way wikis that use CentralAuth can centralize their two-factor authentication data as well. Bug: T100374 Change-Id: I285e2fe29fee43ddc6c5a6e51823911d43c596f6 --- M OATHAuth.hooks.php M OATHAuth.php M special/SpecialOATH.php 3 files changed, 34 insertions(+), 10 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OATHAuth refs/changes/64/213764/1 diff --git a/OATHAuth.hooks.php b/OATHAuth.hooks.php index 2f67911..cd29716 100644 --- a/OATHAuth.hooks.php +++ b/OATHAuth.hooks.php @@ -7,6 +7,23 @@ */ class OATHAuthHooks { /** + * Get the singleton OATH user repository + * + * @return OATHUserRepository + */ + public static function getOATHUserRepository() { + global $wgOATHAuthDatabase; + + static $service = null; + + if ( $service !== null ) { + $service = new OATHUserRepository( wfGetLB( $wgOATHAuthDatabase ) ); + } + + return $service; + } + + /** * @param $extraFields array * @return bool */ @@ -28,8 +45,7 @@ global $wgRequest; $token = $wgRequest->getText( 'wpOATHToken' ); - $oathrepo = new OATHUserRepository( wfGetLB() ); - $oathuser = $oathrepo->findByUser( $user ); + $oathuser = self::getOATHUserRepository()->findByUser( $user ); # Though it's weird to default to true, we only want to deny # users who have two-factor enabled and have validated their # token. @@ -60,8 +76,7 @@ $request = $context->getRequest(); $output = $context->getOutput(); - $oathrepo = new OATHUserRepository( wfGetLB() ); - $oathuser = $oathrepo->findByUser( $user ); + $oathuser = self::getOATHUserRepository()->findByUser( $user ); if ( $oathuser->getKey() !== null && !$request->getCheck( 'token' ) ) { $request->setSessionData( 'oath_login', $request->getValues() ); @@ -82,8 +97,7 @@ * @return bool */ public static function manageOATH( User $user, array &$preferences ) { - $oathrepo = new OATHUserRepository( wfGetLB() ); - $oathUser = $oathrepo->findByUser( $user ); + $oathUser = self::getOATHUserRepository()->findByUser( $user ); $title = SpecialPage::getTitleFor( 'OATH' ); $msg = $oathUser->getKey() !== null ? 'oathauth-disable' : 'oathauth-enable'; diff --git a/OATHAuth.php b/OATHAuth.php index 9a0b805..156bc69 100644 --- a/OATHAuth.php +++ b/OATHAuth.php @@ -41,6 +41,17 @@ */ $wgOATHAuthWindowRadius = 4; +/** + * Database that OATH authentication data is kept in + * + * It is recommended that if you use CentralAuth or some other similar authentication + * mechanism that you either make the `oathauth_users` table a shared table, or use this + * variable to change the database, and make all the wikis share the same date. + * + * @var string|false + */ +$wgOATHAuthDatabase = false; + $dir = __DIR__ . '/'; $wgMessagesDirs['OATHAuth'] = __DIR__ . '/i18n'; diff --git a/special/SpecialOATH.php b/special/SpecialOATH.php index 6988a5c..b3194b1 100644 --- a/special/SpecialOATH.php +++ b/special/SpecialOATH.php @@ -11,13 +11,12 @@ * @return SpecialOATHDisable|SpecialOATHEnable|SpecialOATHLogin|SpecialPage */ protected function getTargetPage() { - $repo = new OATHUserRepository( wfGetLB() ); + $repo = OATHAuthHooks::getOATHUserRepository(); + /** @var SpecialOATHDisable|SpecialOATHEnable|SpecialOATHLogin|SpecialPage $page */ + $page = null; /** @var array $sessionUser */ $loginInfo = $this->getRequest()->getSessionData( 'oath_login' ); - - /** @var SpecialOATHDisable|SpecialOATHEnable|SpecialOATHLogin|SpecialPage $page */ - $page = null; if ( $this->getUser()->isAnon() && $loginInfo !== null ) { // User is anonymous, so they are logging in $page = new SpecialOATHLogin( -- To view, visit https://gerrit.wikimedia.org/r/213764 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I285e2fe29fee43ddc6c5a6e51823911d43c596f6 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/OATHAuth Gerrit-Branch: master Gerrit-Owner: Parent5446 <tylerro...@gmail.com> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits