[Wikitech-l] New 1.27/1.28 login mechanism

2017-01-17 Thread Aran
Hello,

I have a login system that extends the
AbstractPrimaryAuthenticationProvider and uses an AuthenticationRequest
that returns an empty fields array so that the login form is bypassed
completely and login is determined by some other environmental
parameters. But in 1.27 this does not bypass the login form.

What is the proper way I should be making the login page determine login
without a login form?

Thanks,
Aran


___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

Re: [Wikitech-l] New 1.27/1.28 login mechanism

2017-01-18 Thread Florian Schmidt
Hi!

Logging in a user without using the UserLogin form or any other interaction of 
the user sounds like a SessionProvider to me, instead of an authentication 
provider. Take a look at:
https://www.mediawiki.org/wiki/Manual:SessionManager_and_AuthManager

However, I haven't implemented it so far, but you could take a look at some 
examples, e.g. the OAuth extension:
https://github.com/wikimedia/mediawiki-extensions-OAuth/blob/master/api/MWOAuthSessionProvider.php
(however, as the description says: there are some unusual steps in the execution 
code, so you shouldn't simply copy it)

Another example could be the CentralAuth extension:
https://github.com/wikimedia/mediawiki-extensions-CentralAuth/blob/b2d52e1a1a0fb317ba4f8799beb0641cf8b6568b/includes/session/CentralAuthTokenSessionProvider.php

I hope that helps!

In MediaWiki 1.29 (I think it was 1.29 and not 1.28) we implemented a way to 
bypass the login page, but that requires that you disable all authentication 
providers, instead of one (which needs to provide a button only, for a redirect 
to an external page).

Best,
Florian

-Original Message-
Subject: [Wikitech-l] New 1.27/1.28 login mechanism
Date: 2017-01-18T00:20:07+0100
From: "Aran" 
To: "Wikimedia developers" 

Hello,

I have a login system that extends the
AbstractPrimaryAuthenticationProvider and uses an AuthenticationRequest
that returns an empty fields array so that the login form is bypassed
completely and login is determined by some other environmental
parameters. But in 1.27 this does not bypass the login form.

What is the proper way I should be making the login page determine login
without a login form?

Thanks,
Aran


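
A sketch of the SessionProvider approach suggested in the reply, added here as an example; it is not code from the thread, from MediaWiki core, or from the OAuth or CentralAuth extensions. Assumptions: the class name EnvUserSessionProvider and the cookie name are hypothetical, the "environmental parameter" is REMOTE_USER set by the web server after it has authenticated the request, and the calls are those of the 1.27-era MediaWiki\Session API.

```php
<?php
// Added example (hypothetical class): derive the session's user from the
// environment instead of from the Special:UserLogin form.

use MediaWiki\Session\ImmutableSessionProviderWithCookie;
use MediaWiki\Session\SessionInfo;
use MediaWiki\Session\UserInfo;

class EnvUserSessionProvider extends ImmutableSessionProviderWithCookie {

	public function provideSessionInfo( WebRequest $request ) {
		// Read only the variable the web server itself populates. A request
		// header (e.g. X-Remote-User) must not be used: any client can send it.
		$name = isset( $_SERVER['REMOTE_USER'] ) ? $_SERVER['REMOTE_USER'] : '';
		if ( $name === '' ) {
			// No environment identity: return null so the other registered
			// providers (such as the cookie provider) handle the request.
			return null;
		}

		// Refuse names MediaWiki does not consider usable for an account.
		$canonical = User::getCanonicalName( $name, 'usable' );
		if ( $canonical === false ) {
			return null;
		}

		// Second argument true = "verified": this provider vouches for the
		// identity, so the trust decision rests entirely on REMOTE_USER.
		$userInfo = UserInfo::newFromName( $canonical, true );

		// Reuse the session ID from this provider's own cookie when present.
		$id = $this->getSessionIdFromCookie( $request );

		return new SessionInfo( SessionInfo::MAX_PRIORITY, [
			'provider' => $this,
			'id' => $id,
			'userInfo' => $userInfo,
			'persisted' => $id !== null,
		] );
	}
}

// LocalSettings.php: register the provider (cookie name is an assumption).
$wgSessionProviders[EnvUserSessionProvider::class] = [
	'class' => EnvUserSessionProvider::class,
	'args' => [ [ 'sessionCookieName' => 'EnvUserSession' ] ],
];
```

Because the provider extends ImmutableSessionProviderWithCookie, the user of such a session cannot be changed through the wiki, so the web server configuration that sets REMOTE_USER is the real authentication boundary and should be reviewed as such.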