[Mediawiki-l] Authentication

Lane, Ryan Ryan.Lane at ocean.navo.navy.mil
Fri Jun 20 18:43:28 UTC 2008


> I just did a lot of digging, looks like my best bet is to use 
> an Http Auth
> extension and figure out how to just not have it check a 
> password. There are
> a couple extensions out there that claim to accomplish this 
> but they seem to
> fail. I don't have a whole lot of experiance in PHP or I'd 
> code it myself. I
> was hopeing someone had an idea on how to do it with existing code.
> 
> My idea is to make it so when a user logs in they need no 
> password and if
> they don't have an account one is created for them. Any other ideas ?
> 
> Thanks for your advice, it got me going on this !
> 

A custom authentication plugin is probably the easiest way to go.
Really, this is pretty simply to do...

In a file called "NoAuthPlugin.php":

<?php
/**
 */
# Copyright (C) 2004 Ryan Lane <rlane32 AtT gmail d0t com>
# http://www.mediawiki.org/
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
along
# with this program; if not, write to the Free Software Foundation,
Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# http://www.gnu.org/copyleft/gpl.html

require_once( 'AuthPlugin.php' );

class NoAuthPlugin extends AuthPlugin {
        function userExists( $username ) {
                return true;
        }
        
        function authenticate( $username, $password ) {
                return true;
        }

        function modifyUITemplate( &$template ) {
                $template->set( 'usedomain', false );
                $template->set( 'ignorepassword', true );
        }

        function setDomain( $domain ) {
                $this->domain = $domain;
        }

        function validDomain( $domain ) {
                return true;
        }

        function updateUser( &$user ) {
                return true;
        }

        function autoCreate() {
                return true;
        }

        function allowPasswordChange() {
                return false;
        }

        function setPassword( $user, $password ) {
                return true;
        }

        function updateExternalDB( $user ) {
                return true;
        }

        function canCreateAccounts() {
                return false;
        }

        function addUser( $user, $password, $email='', $realname='' ) {
                return true;
        }

        function strict() {
                return false;
        }

        function initUser( $user, $autocreate=false ) {
        }

        function getCanonicalName( $username ) {
                return $username;
        }

}
?>




Now patch the Userlogin.php template in includes/templates:

--- Userlogin.php.old   2008-06-20 13:32:04.000000000 -0500
+++ Userlogin.php       2008-06-20 13:41:51.000000000 -0500
@@ -40,6 +40,7 @@
                                        value="<?php $this->text('name')
?>" size='20' />
                        </td>
                </tr>
+               <?php if( !$this->data['ignorepassword'] ) {
                <tr>
                        <td align='right'><label for='wpPassword1'><?php
$this->msg('yourpassword') ?></label></td>
                        <td align='left'>
@@ -48,6 +49,7 @@
                                        value="" size='20' />
                        </td>
                </tr>
+               <?php } ?>
        <?php if( $this->data['usedomain'] ) {
                $doms = "";
                foreach( $this->data['domainnames'] as $dom ) {




Now set the following in LocalSettings.php:

require_once( 'extensions/NoAuthPlugin.php' );
$wgMinimalPasswordLength = 0;



Now when users click the login button, it should only show a username
box; when the user logs in for the first time, it'll automatically
create an account for them.

Btw, if the format of the email gets botched (which is likely), email me
directly, and I can send you attachments.

V/r,

Ryan Lane



More information about the MediaWiki-l mailing list