Page MenuHomePhabricator
Create Task
Maniphest T253946

Successful login attemps should be logged for the user account, not just the IP
Closed, ResolvedPublic
Actions

Description

The onAuthManagerLoginAuthenticateAudit() hook call back in CheckUser should be edited such that if the login attempt was successful, the row entered in cu_changes would indicate the user name and ID. In cases where the login was unsuccessful, current code (which only attributes the event to the IP address) is appropriate.

Originally reported on the CheckUser listserv.

Technical debt was introduced in a14842e7

Details

SubjectRepoBranchLines +/-
Successful login attemps should be logged for the user accountmediawiki/extensions/CheckUsermaster+16 -11
Customize query in gerrit

Related Objects
Search...

Event Timeline

Huji claimed this task.May 29 2020, 2:38 AM
Huji triaged this task as Medium priority.
Huji created this task.
gerritbot added a comment.May 29 2020, 2:45 AM

Change 599486 had a related patch set uploaded (by Huji; owner: Huji):
[mediawiki/extensions/CheckUser@master] Successful login attemps should be logged for the user account

https://gerrit.wikimedia.org/r/599486

gerritbot added a project: Patch-For-Review.May 29 2020, 2:45 AM
Huji updated the task description. (Show Details)May 29 2020, 2:47 AM
gerritbot added a comment.May 29 2020, 2:51 AM

Change 599492 had a related patch set uploaded (by Huji; owner: Huji):
[operations/mediawiki-config@master] Set wgCheckUserLogLogins to true by default

https://gerrit.wikimedia.org/r/599492

jrbs subscribed.Jun 2 2020, 8:09 PM
Huji closed this task as Resolved.Jun 4 2020, 2:41 PM
Huji removed a project: Patch-For-Review.
gerritbot added a comment.Jun 4 2020, 2:47 PM

Change 599486 merged by jenkins-bot:
[mediawiki/extensions/CheckUser@master] Successful login attemps should be logged for the user account

https://gerrit.wikimedia.org/r/599486

ReleaseTaggerBot added a project: MW-1.35-notes (1.35.0-wmf.36; 2020-06-09).Jun 4 2020, 3:00 PM
Ladsgroup subscribed.Nov 18 2020, 5:27 PM

I just want to say a while ago I managed to catch a set of socks using this. Thanks!

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL