jenkins-bot has submitted this change and it was merged.
Change subject: Log event on captcha display/success/failure.
......................................................................
Log event on captcha display/success/failure.
Logs a 'captcha.display' event when a captcha is displayed,
either via web or in an API response, and 'captcha.submit' when
a captcha response is evaluated.
Bug: T91701
Change-Id: I376fdd6740aca4f11776e1326ff2e7e6e5af6a75
---
M SimpleCaptcha/Captcha.php
1 file changed, 29 insertions(+), 2 deletions(-)
Approvals:
BryanDavis: Looks good to me, approved
Florianschmidtwelzow: Looks good to me, but someone else must approve
jenkins-bot: Verified
diff --git a/SimpleCaptcha/Captcha.php b/SimpleCaptcha/Captcha.php
index 5847c98..0e43521 100755
--- a/SimpleCaptcha/Captcha.php
+++ b/SimpleCaptcha/Captcha.php
@@ -1,5 +1,7 @@
<?php
+use MediaWiki\Logger\LoggerFactory;
+
class SimpleCaptcha {
/** @var boolean|null Was the CAPTCHA already passed and if yes, with
which result? */
private $captchaSolved = null;
@@ -144,6 +146,10 @@
wfDebug( "ConfirmEdit: user group allows
skipping captcha on account creation\n" );
return true;
}
+ LoggerFactory::getInstance( 'authmanager' )->info(
'Captcha shown on account creation', array(
+ 'event' => 'captcha.display',
+ 'type' => 'accountcreation',
+ ) );
$captcha = "<div class='captcha'>" .
$wgOut->parse( $this->getMessage(
'createaccount' ) ) .
$this->getForm( $wgOut ) .
@@ -169,6 +175,10 @@
if ( $this->isBadLoginTriggered() ) {
global $wgOut;
+ LoggerFactory::getInstance( 'authmanager' )->info(
'Captcha shown on login', array(
+ 'event' => 'captcha.display',
+ 'type' => 'login',
+ ) );
$this->action = 'badlogin';
$captcha = "<div class='captcha'>" .
$wgOut->parse( $this->getMessage( 'badlogin' )
) .
@@ -624,7 +634,13 @@
function confirmUserCreate( $u, &$message, &$status = null ) {
if ( $this->needCreateAccountCaptcha() ) {
$this->trigger = "new account '" . $u->getName() . "'";
- if ( !$this->passCaptchaLimited() ) {
+ $success = $this->passCaptchaLimited();
+ LoggerFactory::getInstance( 'authmanager' )->info(
'Captcha submitted on account creation', array(
+ 'event' => 'captcha.submit',
+ 'type' => 'accountcreation',
+ 'successful' => $success,
+ ) );
+ if ( !$success ) {
// For older MediaWiki
$message = wfMessage(
'captcha-createaccount-fail' )->text();
// For MediaWiki 1.23+
@@ -674,7 +690,13 @@
return true;
$this->trigger = "post-badlogin login '" .
$u->getName() . "'";
- if ( !$this->passCaptchaLimited() ) {
+ $success = $this->passCaptchaLimited();
+ LoggerFactory::getInstance( 'authmanager' )->info(
'Captcha submitted on login', array(
+ 'event' => 'captcha.submit',
+ 'type' => 'login',
+ 'successful' => $success,
+ ) );
+ if ( !$success ) {
// Emulate a bad-password return to confuse the
shit out of attackers
$retval = LoginForm::WRONG_PASS;
return false;
@@ -957,6 +979,11 @@
if ( $warning['message'] ===
'captcha-createaccount-fail' ) {
$this->addCaptchaAPI( $result );
$result['result'] =
'NeedCaptcha';
+
+ LoggerFactory::getInstance(
'authmanager' )->info( 'Captcha data added in account creation API', array(
+ 'event' =>
'captcha.display',
+ 'type' =>
'accountcreation',
+ ) );
}
}
}
--
To view, visit https://gerrit.wikimedia.org/r/226951
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I376fdd6740aca4f11776e1326ff2e7e6e5af6a75
Gerrit-PatchSet: 4
Gerrit-Project: mediawiki/extensions/ConfirmEdit
Gerrit-Branch: master
Gerrit-Owner: Gergő Tisza <gti...@wikimedia.org>
Gerrit-Reviewer: BryanDavis <bda...@wikimedia.org>
Gerrit-Reviewer: Florianschmidtwelzow <florian.schmidt.stargatewis...@gmail.com>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
