Page MenuHomePhabricator

Update API clients for AuthManager
Closed, ResolvedPublic


User:Anomie/SessionManager and AuthManager will deprecate the current (non-bot-password) login API (and possibly break it, depending on what authentication extensions are installed) and remove the current account creation API.

Event Timeline

action=clientlogin seems like an awful amount of work to implement in the client. Why couldn't we just have a HTML-based system where we can drop a web browser control in our app, point it to a specific page, and listen for some kind of event or specific page access to confirm a successful login?

Because not all clients can just drop in a web browser control. If you can do that, can you just drop Special:UserLogin into your web browser control, with returnto and returntoquery set to something appropriate?

Also, clients might want to control the presentation, e.g. to have the look-and-feel of the native OS.

Sure, I'm not saying that clientlogin is a bad thing :) I just am wondering if there is an easier way that saves having to implement what is potentially quite a complex and time-consuming bit of code on the client side.

I'll have a play around with Anomie's idea and see if it works out.

Tgr claimed this task.