2016-09-06 8:14 GMT+02:00 Gergo Tisza <gti...@wikimedia.org>: > On Mon, Sep 5, 2016 at 8:08 PM, Bináris <wikipo...@gmail.com> wrote: > > > I found bot passwords, but they offer very limited user rights. > > > > They offer rights for anything which is defined in $wgGrantPermissions [1], > which should be include everything a bot might need. Feel free to file a > bug if that's not the case, but maybe you are just overlooking something? >
> > So the best thing is to try without API? > > > The best thing is to use a bot framework that is still being maintained, so > that you don't have to deal with login yourself. The second best thing is > to use OAuth with an owner-only consumer [2] and add the Authorization > header to every request. The third best thing is to use action=login with a > bot password. Anything lower down in bestness should probably be avoided. > > On Mon, Sep 5, 2016 at 9:32 PM, John <phoenixoverr...@gmail.com> wrote: > > > you can still login via the API,without having to use either oauth > > or botpassword > > > You might be able to. It depends on the authentication settings of the wiki > and the user account. It's not something that should be relied upon. > > > [1] https://www.mediawiki.org/wiki/Manual:$wgGrantPermissions > [2] https://www.mediawiki.org/wiki/OAuth/Owner-only_consumers > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > -- Bináris _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l