API:Login

From MediaWiki.org

Jump to: navigation, search
This page is part of the MediaWiki API documentation.
Languages Languages: 

English  • Español  • 日本語  • Русский
MediaWiki API


Login gets several tokens that are needed by the server to recognize logged-in user. In every call to api.php, the cookie set by this request must be passed.

Contents

[edit] Example request

Note: In this example, all parameters are passed in a GET request just for the sake of simplicity. However, action=login requires POST requests; GET requests will cause an error.

Logging in

api.php ? action=login & lgname=Bob & lgpassword=secret

<?xml version="1.0" encoding="utf-8"?>
<api>
  <login
    result="Success"
    lguserid="12345"
    lgusername="Bob"
    lgtoken="b5780b6e2f27e20b450921d9461010b4"
    cookieprefix="enwiki"
    sessionid="08nj1ioefhlvmdjfor5to3mvv5"
  />
</api>

You might need to add the query parameter lgdomain, containing your domain name for authentication, if you're using an authentication plug-in like Extension:LDAP Authentication.

[edit] Constructing cookies manually

A successful action=login request will set the right cookies, but if you're unable to fetch it, you can also construct them from the data returned. In the example above, you'd set the following cookies:

  • enwikiUserName = Bob (from the lgusername field)
  • enwikiUserID = 12345 (from the lguserid field)
  • enwikiToken = b5780b6e2f27e20b450921d9461010b4 (from the lgtoken field)
  • enwiki_session = 08nj1ioefhlvmdjfor5to3mvv5 (from the sessionid field)

Note that the enwiki part is different for every wiki, and is returned in the cookieprefix field.

[edit] Errors

Errors are returned in the result field. Possible values are:

  • NoName
    • You didn't set the lgname parameter
  • Illegal
    • You provided an illegal username
  • NotExists
    • The username you provided doesn't exist
  • EmptyPass
    • You didn't set the lgpassword parameter or you left it empty
  • WrongPass
    • The password you provided is incorrect
  • WrongPluginPass
    • Same as WrongPass, returned when an authentication plugin rather than MediaWiki itself rejected the password
  • CreateBlocked
    • The wiki tried to automatically create a new account for you, but your IP address has been blocked from account creation
  • NeedToWait
    • Your waiting time hasn't expired yet. See also throttling

[edit] Throttling

For security reasons, this module is throttled. A failed login attempt will require that you either authenticate through the standard Special:Userlogin or wait 5 seconds before you can attempt to login through this module again. Upon every subsequent attempt, the waiting time will be doubled. Retrying before the waiting time is over will fail with a NeedToWait error, but will not restart the waiting time. The number of seconds you have to wait until your next attempt is returned in the 'wait' field. Throttling is only enabled on servers that support memcaching.

[edit] External links

Retrieved from "http://www.mediawiki.org/wiki/API:Login"
Personal tools