AuthWP.php - WPMW Git Source Tree - Wordpress and Mediawiki integration

Root/AuthWP.php

1	<?php␍␊
2	// AuthWP.php␍␊
3	// MediaWiki extension to delegate authentication and user management␍␊
4	// to a local Wordpress installation.␍␊
5	// See http://ciarang.com/wiki/page/WPMW for more information.␍␊
6	// Version 0.3␍␊
7	// Copyright (C) 2008-12 Ciaran Gultnieks <ciaran@ciarang.com>␍␊
8	//␍␊
9	// This program is free software: you can redistribute it and/or modify␍␊
10	// it under the terms of the GNU Affero General Public License as published by␍␊
11	// the Free Software Foundation, either version 3 of the License, or␍␊
12	// (at your option) any later version.␍␊
13	//␍␊
14	// This program is distributed in the hope that it will be useful,␍␊
15	// but WITHOUT ANY WARRANTY; without even the implied warranty of␍␊
16	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the␍␊
17	// GNU Affero General Public License for more details.␍␊
18	//␍␊
19	// You should have received a copy of the GNU Affero General Public License␍␊
20	// along with this program. If not, see <http://www.gnu.org/licenses/>.␍␊
21	//␍␊
22	␍␊
23	␍␊
24	␍␊
25	// Relative path to Wordpress installation. In the default '..' we␍␊
26	// have MediaWiki installed in a 'wiki' directory off the main␍␊
27	// Wordpress root.␍␊
28	$WP_relpath=isset($wgAuthWPRelPath)?$wgAuthWPRelPath:'..';␍␊
29	␍␊
30	␍␊
31	// We'll derive our class from MediaWiki's AuthPlugin class...␍␊
32	require_once('includes/AuthPlugin.php');␍␊
33	␍␊
34	␍␊
35	// Bootstrap Wordpress. This seems rather foolish since surely the␍␊
36	// names of things are bound to clash somewhere, but we want to be␍␊
37	// able to handle everything as if Wordpress was doing it natively␍␊
38	// including respecting any plugins that might be in place.␍␊
39	if(php_sapi_name() != 'cli') {␍␊
40	␉require($WP_relpath.'/wp-load.php');␍␊
41	␉require($WP_relpath.'/wp-includes/registration.php');␍␊
42	}␍␊
43	␍␊
44	// Wordpress has escaped all these in wp-settings.php - we need to␍␊
45	// unescape them again if they weren't meant to be escaped.␍␊
46	if(php_sapi_name() != 'cli' && !get_magic_quotes_gpc()) {␍␊
47	␉$_GET = stripslashes_deep($_GET );␍␊
48	␉$_POST = stripslashes_deep($_POST );␍␊
49	␉$_COOKIE = stripslashes_deep($_COOKIE);␍␊
50	}␍␊
51	␍␊
52	␍␊
53	␍␊
54	// Handler for the MediaWiki UserLoadFromSession hook. Allows users␍␊
55	// already signed in to Wordpress to be automatically signed in to␍␊
56	// MediaWiki. Always returns true, but sets $result to true if auth␍␊
57	// has been done.␍␊
58	function AuthWPUserLoadFromSession($user, &$result) {␍␊
59	␍␊
60	␉// Is there a Wordpress user with a valid session?␍␊
61	␉$wpuser=wp_get_current_user();␍␊
62	␉if(!$wpuser->ID)␍␊
63	␉␉return true;␍␊
64	␍␊
65	␉$u=User::newFromName($wpuser->user_login);␍␊
66	␉if(!$u)␍␊
67	␉␉wp_die("Your username '".$wpuser->user_login."' is not a valid MediaWiki username");␍␊
68	␉if(0==$u->getID()) {␍␊
69	␉␉$u->addToDatabase();␍␊
70	␉␉$u->setToken();␍␊
71	␉}␍␊
72	␉$id=User::idFromName($wpuser->user_login);␍␊
73	␉if(!$id) {␍␊
74	␉␉wp_die("Failed to get ID from name '".$wpuser->user_login."'");␍␊
75	␉␉return true;␍␊
76	␉}␍␊
77	␉if($id==0) {␍␊
78	␉␉wp_die("Wikipedia '".$wpuser->user_login."' was not found.");␍␊
79	␉␉return true;␍␊
80	␉}␍␊
81	␉$user->setID($id);␍␊
82	␉$user->loadFromId();␍␊
83	␉wfSetupSession();␉␍␊
84	␉$user->setCookies();␍␊
85	␍␊
86	␉// Set these to ensure synchronisation with WordPress...␍␊
87	␉$user->setEmail($wpuser->user_email);␍␊
88	␉$user->setRealName($wpuser->user_nicename);␍␊
89	␍␊
90	␉$user->saveSettings();␍␊
91	␉$result=true;␍␊
92	␍␊
93	␉return true;␍␊
94	}␍␊
95	␍␊
96	// Handler for the MediaWiki UserLogout hook.␍␊
97	function AuthWPUserLogout(&$user) {␍␊
98	␉// Log out of Wordpress as well...␍␊
99	␉wp_logout();␍␊
100	␉return true;␍␊
101	}␍␊
102	␍␊
103	class AuthWP extends AuthPlugin {␍␊
104	␍␊
105	␉// Constructor␍␊
106	␉function AuthWP(){␍␊
107	␍␊
108	␉␉// Add hooks...␍␊
109	␉␉global $wgHooks;␍␊
110	␉␉$wgHooks['UserLoadFromSession'][]='AuthWPUserLoadFromSession';␍␊
111	␉␉$wgHooks['UserLogout'][] = 'AuthWPUserLogout';␍␊
112	␍␊
113	␉}␍␊
114	␍␊
115	␍␊
116	␉// MediaWiki API HANDLER␍␊
117	␉// See if the given user exists - true if so, false if not...␍␊
118	␉function userExists($username) {␍␊
119	␉␉return username_exists($username);␍␊
120	␉}␍␊
121	␍␊
122	␉// MediaWiki API HANDLER␍␊
123	␉// Handle authentication, returning true if the given credentials␍␊
124	␉// are good, or false if they're bad.␍␊
125	␉function authenticate($username,$password) {␍␊
126	␉␉$credentials=array('user_login'=>$username,'user_password'=>$password);␍␊
127	␉␉if(is_wp_error(wp_signon($credentials,false)))␍␊
128	␉␉␉return false;␍␊
129	␉␉return true;␍␊
130	␉}␍␊
131	␍␊
132	␉// MediaWiki API HANDLER␍␊
133	␉// Modify the login template...␍␊
134	␉function modifyUITemplate(&$template) {␍␊
135	␉␉$template->set('create',false);␍␊
136	␉␉$template->set('usedomain',false);␍␊
137	␉␉$template->set('useemail',true);␍␊
138	␉}␍␊
139	␍␊
140	␉// MediaWiki API HANDLER␍␊
141	␉// Always return true - tells it to automatically create a local␍␊
142	␉// account when asked to log in a user that doesn't exist locally.␍␊
143	␉function autoCreate() {␍␊
144	␉␉return true;␍␊
145	␉}␍␊
146	␍␊
147	␉// MediaWiki API HANDLER␍␊
148	␉function allowEmailChange() {␍␊
149	␉␉// No - change it via the WordPress interface only.␍␊
150	␉␉return false;␍␊
151	␉}␍␊
152	␍␊
153	␉// MediaWiki API HANDLER␍␊
154	␉function allowRealNameChange() {␍␊
155	␉␉// No - change it via the WordPress interface only.␍␊
156	␉␉return false;␍␊
157	␉}␍␊
158	␍␊
159	␉// MediaWiki API HANDLER␍␊
160	␉// Always return true - users can change their passwords from␍␊
161	␉// MediaWiki - we'll hash them and update the Wordpress DB.␍␊
162	␉function allowPasswordChange() {␍␊
163	␉␉return true;␍␊
164	␉}␍␊
165	␍␊
166	␉// MediaWiki API HANDLER␍␊
167	␉// Set a new password for the given user...␍␊
168	␉function setPassword($user,$password) {␍␊
169	␉␉$wpuser=get_userdatabylogin($user->mName);␍␊
170	␉␉if(!$wpuser)␍␊
171	␉␉␉return false;␍␊
172	␉␉wp_set_password($password,$wpuser->user_id);␍␊
173	␉␉return true;␍␊
174	␉}␍␊
175	␍␊
176	␉// MediaWiki API HANDLER␍␊
177	␉// Update the details of a user that's logging in - i.e. fill in any␍␊
178	␉// details we can retrieve from the Wordpress user details...␍␊
179	␉function updateUser(&$user) {␍␊
180	␉␉$wpuser=get_userdatabylogin($user->mName);␍␊
181	␉␉if(!$wpuser)␍␊
182	␉␉␉return false;␍␊
183	␉␉$user->setEmail($wpuser->user_email);␍␊
184	␉␉$user->setRealName($wpuser->user_nicename);␍␊
185	␉␉$user->saveSettings();␍␊
186	␉␉return true;␍␊
187	␉}␍␊
188	␍␊
189	␉// MediaWiki API HANDLER␍␊
190	␉// Update user details in Wordpress database...␍␊
191	␉function updateExternalDB($user) {␍␊
192	␉␉// Not doing anything here (yet?)␍␊
193	␉␉return true;␍␊
194	␉}␍␊
195	␍␊
196	␉// MediaWiki API HANDLER␍␊
197	␉// Add a user created in MediaWiki to the Wordpress database...␍␊
198	␉function addUser($user,$password) {␍␊
199	␉␉wp_create_user($user->mName,$password,$user->mEmail);␍␊
200	␉␉return true;␍␊
201	␉}␍␊
202	␍␊
203	␉// MediaWiki API HANDLER␍␊
204	␉// Just return true meaning that logins can only be authenticated in␍␊
205	␉// this module, and not checked against the mediawiki db...␍␊
206	␉function strict() {␍␊
207	␉␉return true;␍␊
208	␉}␍␊
209	␍␊
210	␉// MediaWiki API HANDLER␍␊
211	␉// As with strict(), only authenticate through this plugin.␍␊
212	␉function strictUserAuth($username) {␍␊
213	␉␉return true;␍␊
214	␉}␍␊
215	␍␊
216	␉// MediaWiki API HANDLER␍␊
217	␉// We can create external accounts so always return true...␍␊
218	␉function canCreateAccounts() {␍␊
219	␉␉return true;␍␊
220	␉}␍␊
221	␍␊
222	}␍␊
223	?>␍␊
224

Download this file

WPMW

WPMW Git Source Tree

Root/AuthWP.php

Branches