Page MenuHomePhabricator
Create Task
Maniphest T284020

Support bot passwords in the REST API
Closed, ResolvedPublic
Actions

Description

Currently, bot passwords don’t support the REST API: the session provider only enables itself when using the action API (and with $wgEnableBotPasswords, of course), so if you try to log in using the action API and then make REST API requests with the same cookies, you’ll find your session is gone and you’re anonymous again. I assume this is unintentional.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Support REST API in BotPasswordSessionProvidermediawiki/coremaster+5 -4
Customize query in gerrit

Event Timeline

Lucas_Werkmeister_WMDE created this task.May 31 2021, 2:59 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 31 2021, 2:59 PM
gerritbot added a comment.May 31 2021, 3:06 PM

Change 697430 had a related patch set uploaded (by Lucas Werkmeister (WMDE); author: Lucas Werkmeister (WMDE)):

[mediawiki/core@master] Support REST API in BotPasswordSessionProvider

https://gerrit.wikimedia.org/r/697430

gerritbot added a project: Patch-For-Review.May 31 2021, 3:06 PM
toan subscribed.May 31 2021, 3:11 PM
Frostly subscribed.May 31 2021, 5:20 PM
gerritbot added a comment.Jun 7 2021, 2:05 PM

Change 698517 had a related patch set uploaded (by Lucas Werkmeister (WMDE); author: Lucas Werkmeister (WMDE)):

[mediawiki/extensions/WikibaseLexeme@master] selenium: Use ChronologyProtector cookie in mwbot

https://gerrit.wikimedia.org/r/698517

Lucas_Werkmeister_WMDE added a comment.Jun 7 2021, 2:06 PM
In T284020#7138543, @gerritbot wrote:

Change 698517 had a related patch set uploaded (by Lucas Werkmeister (WMDE); author: Lucas Werkmeister (WMDE)):

[mediawiki/extensions/WikibaseLexeme@master] selenium: Use ChronologyProtector cookie in mwbot

https://gerrit.wikimedia.org/r/698517

Disregard that, wrong task ID.

Frostly unsubscribed.Aug 22 2021, 7:10 PM
Reedy added a project: Platform Team Workboards (External Code Reviews).Sep 4 2021, 12:11 AM
gerritbot added a comment.Jul 22 2022, 6:15 PM

Change 697430 merged by jenkins-bot:

[mediawiki/core@master] Support REST API in BotPasswordSessionProvider

https://gerrit.wikimedia.org/r/697430

ReleaseTaggerBot added a project: MW-1.39-notes (1.39.0-wmf.22; 2022-07-25).Jul 22 2022, 7:00 PM
Lucas_Werkmeister_WMDE closed this task as Resolved.Aug 4 2022, 3:57 PM
Lucas_Werkmeister_WMDE claimed this task.

I don’t have a setup to conveniently test this anymore, but I’m pretty sure I tested my patch at the time. Let’s assume it’s working and close the task.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits