jenkins-bot has submitted this change and it was merged. Change subject: Log event on captcha display/success/failure. ......................................................................
Log event on captcha display/success/failure. Logs a 'captcha.display' event when a captcha is displayed, either via web or in an API response, and 'captcha.submit' when a captcha response is evaluated. Bug: T91701 Change-Id: I376fdd6740aca4f11776e1326ff2e7e6e5af6a75 --- M SimpleCaptcha/Captcha.php 1 file changed, 29 insertions(+), 2 deletions(-) Approvals: BryanDavis: Looks good to me, approved Florianschmidtwelzow: Looks good to me, but someone else must approve jenkins-bot: Verified diff --git a/SimpleCaptcha/Captcha.php b/SimpleCaptcha/Captcha.php index 5847c98..0e43521 100755 --- a/SimpleCaptcha/Captcha.php +++ b/SimpleCaptcha/Captcha.php @@ -1,5 +1,7 @@ <?php +use MediaWiki\Logger\LoggerFactory; + class SimpleCaptcha { /** @var boolean|null Was the CAPTCHA already passed and if yes, with which result? */ private $captchaSolved = null; @@ -144,6 +146,10 @@ wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" ); return true; } + LoggerFactory::getInstance( 'authmanager' )->info( 'Captcha shown on account creation', array( + 'event' => 'captcha.display', + 'type' => 'accountcreation', + ) ); $captcha = "<div class='captcha'>" . $wgOut->parse( $this->getMessage( 'createaccount' ) ) . $this->getForm( $wgOut ) . @@ -169,6 +175,10 @@ if ( $this->isBadLoginTriggered() ) { global $wgOut; + LoggerFactory::getInstance( 'authmanager' )->info( 'Captcha shown on login', array( + 'event' => 'captcha.display', + 'type' => 'login', + ) ); $this->action = 'badlogin'; $captcha = "<div class='captcha'>" . $wgOut->parse( $this->getMessage( 'badlogin' ) ) . @@ -624,7 +634,13 @@ function confirmUserCreate( $u, &$message, &$status = null ) { if ( $this->needCreateAccountCaptcha() ) { $this->trigger = "new account '" . $u->getName() . "'"; - if ( !$this->passCaptchaLimited() ) { + $success = $this->passCaptchaLimited(); + LoggerFactory::getInstance( 'authmanager' )->info( 'Captcha submitted on account creation', array( + 'event' => 'captcha.submit', + 'type' => 'accountcreation', + 'successful' => $success, + ) ); + if ( !$success ) { // For older MediaWiki $message = wfMessage( 'captcha-createaccount-fail' )->text(); // For MediaWiki 1.23+ @@ -674,7 +690,13 @@ return true; $this->trigger = "post-badlogin login '" . $u->getName() . "'"; - if ( !$this->passCaptchaLimited() ) { + $success = $this->passCaptchaLimited(); + LoggerFactory::getInstance( 'authmanager' )->info( 'Captcha submitted on login', array( + 'event' => 'captcha.submit', + 'type' => 'login', + 'successful' => $success, + ) ); + if ( !$success ) { // Emulate a bad-password return to confuse the shit out of attackers $retval = LoginForm::WRONG_PASS; return false; @@ -957,6 +979,11 @@ if ( $warning['message'] === 'captcha-createaccount-fail' ) { $this->addCaptchaAPI( $result ); $result['result'] = 'NeedCaptcha'; + + LoggerFactory::getInstance( 'authmanager' )->info( 'Captcha data added in account creation API', array( + 'event' => 'captcha.display', + 'type' => 'accountcreation', + ) ); } } } -- To view, visit https://gerrit.wikimedia.org/r/226951 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I376fdd6740aca4f11776e1326ff2e7e6e5af6a75 Gerrit-PatchSet: 4 Gerrit-Project: mediawiki/extensions/ConfirmEdit Gerrit-Branch: master Gerrit-Owner: Gergő Tisza <gti...@wikimedia.org> Gerrit-Reviewer: BryanDavis <bda...@wikimedia.org> Gerrit-Reviewer: Florianschmidtwelzow <florian.schmidt.stargatewis...@gmail.com> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits