Cenarium has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/311759

Change subject: Support multiple limits and arbitrary periods in account 
creation throttle
......................................................................

Support multiple limits and arbitrary periods in account creation throttle

This adds support for multiple count-per-period limits and arbitrary
period durations in the AuthManager account creation throttle in the
wiki settings. The $wgAccountCreationThrottle config variable becomes
an array like $wgPasswordAttemptThrottle.
In the throttle message, an approximation by hours is used since it's
no longer necessarily per day.

Change-Id: Iea182a92a1199b0ce7103ab9ae24f1c87b01985c
---
M includes/DefaultSettings.php
M includes/auth/ThrottlePreAuthenticationProvider.php
M languages/i18n/en.json
M languages/i18n/qqq.json
4 files changed, 35 insertions(+), 9 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/59/311759/1

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 135c3e5..4d11682 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -5427,11 +5427,30 @@
 $wgHideUserContribLimit = 1000;
 
 /**
- * Number of accounts each IP address may create, 0 to disable.
+ * Number of accounts each IP address may create per specified period(s).
+ *
+ * @par Example:
+ * @code
+ * $wgAccountCreationThrottle = [
+ *  // no more than 100 per month
+ *  [
+ *   'count' => 100,
+ *   'seconds' => 30*86400,
+ *  ],
+ *  // no more than 10 per day
+ *  [
+ *   'count' => 10,
+ *   'seconds' => 86400,
+ *  ],
+ * ];
+ * @endcode
  *
  * @warning Requires $wgMainCacheType to be enabled
  */
-$wgAccountCreationThrottle = 0;
+$wgAccountCreationThrottle = [ [
+       'count' => 0,
+       'seconds' => 86400,
+] ];
 
 /**
  * Edits matching these regular expressions in body text
diff --git a/includes/auth/ThrottlePreAuthenticationProvider.php 
b/includes/auth/ThrottlePreAuthenticationProvider.php
index e2123ef..637860d 100644
--- a/includes/auth/ThrottlePreAuthenticationProvider.php
+++ b/includes/auth/ThrottlePreAuthenticationProvider.php
@@ -65,13 +65,19 @@
        public function setConfig( Config $config ) {
                parent::setConfig( $config );
 
+               $accountCreationThrottle = $this->config->get( 
'AccountCreationThrottle' );
+               // Handle old $wgAccountCreationThrottle format (number of 
attempts per 24 hours)
+               if ( !is_array( $accountCreationThrottle ) ) {
+                       $accountCreationThrottle = [ [
+                               'count' => $accountCreationThrottle,
+                               'seconds' => 86400,
+                       ] ];
+               }
+
                // @codeCoverageIgnoreStart
                $this->throttleSettings += [
                // @codeCoverageIgnoreEnd
-                       'accountCreationThrottle' => [ [
-                               'count' => $this->config->get( 
'AccountCreationThrottle' ),
-                               'seconds' => 86400,
-                       ] ],
+                       'accountCreationThrottle' => $accountCreationThrottle,
                        'passwordAttemptThrottle' => $this->config->get( 
'PasswordAttemptThrottle' ),
                ];
 
@@ -107,7 +113,8 @@
 
                $result = $this->accountCreationThrottle->increase( null, $ip, 
__METHOD__ );
                if ( $result ) {
-                       return \StatusValue::newFatal( 
'acct_creation_throttle_hit', $result['count'] );
+                       return \StatusValue::newFatal( 
'acct_creation_throttle_hit', $result['count'],
+                               ceil( $result['wait'] / 3600 ) );
                }
 
                return \StatusValue::newGood();
diff --git a/languages/i18n/en.json b/languages/i18n/en.json
index a8dd103..fc5c6e4 100644
--- a/languages/i18n/en.json
+++ b/languages/i18n/en.json
@@ -507,7 +507,7 @@
        "signupend": "",
        "signupend-https": "",
        "mailerror": "Error sending mail: $1",
-       "acct_creation_throttle_hit": "Visitors to this wiki using your IP 
address have created {{PLURAL:$1|1 account|$1 accounts}} in the last day, which 
is the maximum allowed in this time period.\nAs a result, visitors using this 
IP address cannot create any more accounts at the moment.",
+       "acct_creation_throttle_hit": "Visitors to this wiki using your IP 
address have created {{PLURAL:$1|1 account|$1 accounts}} in the last 
{{PLURAL:$2|hour|$2 hours}}, which is the maximum allowed in this time 
period.\nAs a result, visitors using this IP address cannot create any more 
accounts at the moment.",
        "emailauthenticated": "Your email address was confirmed on $2 at $3.",
        "emailnotauthenticated": "Your email address is not yet confirmed.\nNo 
email will be sent for any of the following features.",
        "noemailprefs": "Specify an email address in your preferences for these 
features to work.",
diff --git a/languages/i18n/qqq.json b/languages/i18n/qqq.json
index fbf95cc..120df75 100644
--- a/languages/i18n/qqq.json
+++ b/languages/i18n/qqq.json
@@ -691,7 +691,7 @@
        "signupend": "{{notranslate}}",
        "signupend-https": "{{notranslate}}",
        "mailerror": "Used as error message in sending confirmation mail to 
user. Parameters:\n* $1 - new mail address",
-       "acct_creation_throttle_hit": "Error message at 
[[Special:CreateAccount]].\n\n\"in the last day\" precisely means: during the 
lasts 86400 seconds (24 hours) ending right now.\n\nParameters:\n* $1 - number 
of accounts",
+       "acct_creation_throttle_hit": "Error message at 
[[Special:CreateAccount]].\n\nParameters:\n* $1 - number of accounts\n* $2 - 
period in hours",
        "emailauthenticated": "In user preferences ([[Special:Preferences]] > 
{{int:prefs-personal}} > {{int:email}}) and on 
[[Special:ConfirmEmail]].\n\nParameters:\n* $1 - (Unused) obsolete, date and 
time\n* $2 - date\n* $3 - time",
        "emailnotauthenticated": "Message in [[Special:Preferences]] > 
{{int:prefs-personal}} > {{int:email}}.\n\nIt appears after saving your email 
address but before you confirm it.",
        "noemailprefs": "Message appearing in the \"Email options\" section of 
the \"User profile\" page in [[Special:Preferences|Preferences]], when no user 
email address has been entered.",

-- 
To view, visit https://gerrit.wikimedia.org/r/311759
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Iea182a92a1199b0ce7103ab9ae24f1c87b01985c
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Cenarium <cenarium.sy...@gmail.com>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to