On Thu, Mar 17, 2016 at 5:27 AM, John <[email protected]> wrote:
> Be aware that using any other page than Speical:UserLogin to login can > cause account compromises or session hijacking. > To clarify, any administrator on your site will be able to add javascript that could read your users passwords / hijack sessions / etc, so please, only do this on a wiki where you have a limited number of sysops. In mediawiki before 1.27, you can do the entire login process via the api. So just put the username/password boxes on the popup (along with the login csrf token that you'll want to acquire when you show the dialog-- acquiring it will start a browser session, so if you use a caching proxy for performance, you want to start the session as late as possible), then submit those to https://www.mediawiki.org/wiki/API:Login. In 1.27, Auth/Session manager change many aspects of how the login process works, so you'll likely have to redo your work when you upgrade. > > On Thu, Mar 17, 2016 at 7:34 AM, Raketa Me <[email protected]> wrote: > > > Hey Palash, > > Easiest way here is to follow Special:UserLogin data-structure for forms > > and send data to the same script as Special:UserLogin do > > > > 17.03.2016 14:21, Palash Rastogi пишет: > > > > I want to create a login popup window in my wiki, so that the user does > >> not go to a different page to login. Instead, a window should appear on > the > >> top of website for login sign up purposes. > >> > >> Creating a window asking for username and password is easy, but I am > >> having difficulties with authenticating the data. I am not sure how to > do > >> it. I think it can be easily done by including the > mediawiki.api.login.js > >> file which is present in the /resources/src/mediawiki.api folder into > the > >> skin, but how to implement the function within the script? > >> > >> Thanks in advance for the help. > >> > >> -Palash > >> > >> > >> > >> > > _______________________________________________ > > MediaWiki-l mailing list > > To unsubscribe, go to: > > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > > > _______________________________________________ > MediaWiki-l mailing list > To unsubscribe, go to: > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
