Hello, I have setup a MediaWiki installation for a private wiki, and now I'd like to create my own website, but make it only available to people who are logged in to my MediaWiki installation.
I didn't found any straight-forward and simple API to validate a token (maybe the mediawiki_session
cookie, or another one?) that my server could call to check if the token is valid.
The website I'll create and my MediaWiki instance are on the same domain. I found ?action=checktoken
but when I try api.php?action=checktoken&type=login&token=<token>
with the mediawiki_session
it says it's invalid.
Here's a summary on how I want it to be:
- The server should make the request, not the client
- Validate the token easily
- I know how to do the rest
Regards.