Hi!
Logging in an user without using the UserLogin form or any other interaction of the user
sounds like a SessionProvider for me, instead of an authentication provider. Take a look
at:
https://www.mediawiki.org/wiki/Manual:SessionManager_and_AuthManager
However, I haven't implemented it so far, but you could take a look at some examples,
e.g. the OAuth extension:
https://github.com/wikimedia/mediawiki-extensions-OAuth/blob/master/api/MWO…
(however, as the description says: There're some unusual steps in the execution code,
so you shouldn't simply copy it)
Another example could be the CentralAuth extension:
https://github.com/wikimedia/mediawiki-extensions-CentralAuth/blob/b2d52e1a…
I hope that helps!
In MediaWiki 1.29 (I think it was 1.29 and not 1.28) we implemented a way to bypass the
login page, but that requires that you disable all authentication providers, instead of
one, which need to provide a button only, for a redirect to an external page).
Best,
Florian
-----Original-Nachricht-----
Betreff: [Wikitech-l] New 1.27/1.28 login mechanism
Datum: 2017-01-18T00:20:07+0100
Von: "Aran" <aran(a)organicdesign.co.nz>
An: "Wikimedia developers" <wikitech-l(a)lists.wikimedia.org>
Hello,
I have a login system that extends the
AbstractPrimaryAuthenticationProvider and uses an AuthenticationRequest
that returns an empty fields array so that the login form is bypassed
completely and login is determined by some other environmental
parameters. But in 1.27 this does not bypass the login form.
What is the proper way I should be making the login page determine login
without a login form?
Thanks,
Aran
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l