
Store client hint mapping rows for logout events
Open, Needs Triage, Public

Description

We currently send client hint header data when a POST request is made from Special:UserLogout. We need to modify CheckUser to record these headers as client hint mapping rows.

We also need to handle logouts that are done via a one-click POST to the logout API from Vector/Minerva.

Note that while working on this, we might decide that it's easier to use the JavaScript API for client hints.

Acceptance criteria:

  • When a user logs out via a UI element on Vector/Minerva, or via Special:UserLogout, CheckUser creates rows in cu_useragent_clienthints_map

Event Timeline

A couple of notes:

  • We'll need a way to hook into "logout just happened". We can use mw.hook( LOGOUT_EVENT ).add() for that, though I am not sure if that is comprehensive.
  • We need to have a stricter time limit for posting a logout event for a user
  • We need to make sure that we don't leak any information about a user's logged-in or logged-out status via the API, e.g. avoid the scenario where User A posts a logout event for User B, and gets an error saying "User B is logged-in" etc. One way to do this is to return no information regardless of whether the POST is valid or invalid.
  • To validate events, we'll need to check that the user referenced in {id} is logged out.
    • We need to limit spam/abuse of this endpoint, e.g. don't allow unlimited POSTs to the endpoint just because the user ID in question is logged-out

Some addendum thoughts:

  • The PHP hook implementation of UserLogoutComplete by CheckUser already stores that a logout event has occurred. The API could check for a row that indicates a logout in cu_private_event. Using this method is dependent on T324907.
  • When using Special:Logout it is possible to inject HTML using the above hook; however, when using the API this is not possible.
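The server-side acceptance check sketched in the comment above (rate limit the endpoint, only accept hints for a user id with a recent logout record, and answer identically whether or not anything was stored) as an added example. This is not CheckUser or MediaWiki code: the class name, the window length, the header allow-list and the injected callables are all hypothetical. In the real extension the "last logout" lookup would read the row that the UserLogoutComplete hook writes to cu_private_event, and storage would write cu_useragent_clienthints_map; both are stubbed with closures here so the script runs stand-alone under plain `php`.

```php
<?php
/*
 * Added example, not code from CheckUser or MediaWiki. Hypothetical class,
 * constants and callables; the logout lookup and the store are closures
 * standing in for cu_private_event and cu_useragent_clienthints_map.
 */
declare( strict_types = 1 );

final class LogoutClientHintsHandler {
	/** Accept hints only this many seconds after the recorded logout (assumed value). */
	public const MAX_AGE_SECONDS = 60;

	/** Request header names that are real client hints; anything else is dropped. */
	private const ALLOWED_HINTS = [
		'Sec-CH-UA', 'Sec-CH-UA-Mobile', 'Sec-CH-UA-Platform',
		'Sec-CH-UA-Platform-Version', 'Sec-CH-UA-Arch', 'Sec-CH-UA-Bitness',
		'Sec-CH-UA-Model', 'Sec-CH-UA-Full-Version-List',
	];

	/** @var callable(int): ?int  Most recent logout timestamp for a user id, or null if none. */
	private $lastLogoutTimestamp;
	/** @var callable(): bool  True when the caller has used up its allowance for this action. */
	private $rateLimitExceeded;
	/** @var callable(int, array<string,string>): void  Persist the accepted hints. */
	private $store;
	/** @var callable(): int  Current UNIX time, injectable for testing. */
	private $now;

	public function __construct(
		callable $lastLogoutTimestamp, callable $rateLimitExceeded, callable $store, callable $now
	) {
		$this->lastLogoutTimestamp = $lastLogoutTimestamp;
		$this->rateLimitExceeded = $rateLimitExceeded;
		$this->store = $store;
		$this->now = $now;
	}

	/**
	 * Handle one POST. Returns [ status, body ]; the value is a constant, so
	 * the caller learns nothing from it about the session state of $userId.
	 *
	 * @param int $userId The {id} from the request path
	 * @param array<string,string> $headers Header name => value
	 */
	public function handle( int $userId, array $headers ): array {
		if ( $this->shouldStore( $userId, $headers ) ) {
			( $this->store )( $userId, $this->filterHints( $headers ) );
		}
		// Same status and empty body on every path, valid or not.
		return [ 204, '' ];
	}

	private function shouldStore( int $userId, array $headers ): bool {
		// Rate limit before any lookup, so probing many ids is not free.
		if ( ( $this->rateLimitExceeded )() ) {
			return false;
		}
		if ( $this->filterHints( $headers ) === [] ) {
			return false;
		}
		$logoutAt = ( $this->lastLogoutTimestamp )( $userId );
		if ( $logoutAt === null ) {
			return false; // No logout record for this id: nothing to attach hints to.
		}
		$age = ( $this->now )() - $logoutAt;
		return $age >= 0 && $age <= self::MAX_AGE_SECONDS;
	}

	/** Keep only allow-listed hint headers; case-insensitive on the name. */
	private function filterHints( array $headers ): array {
		$allowed = array_change_key_case( array_flip( self::ALLOWED_HINTS ), CASE_LOWER );
		$kept = [];
		foreach ( $headers as $name => $value ) {
			if ( isset( $allowed[strtolower( $name )] ) ) {
				$kept[$name] = $value;
			}
		}
		return $kept;
	}
}

// Constructed demo data: user 7 logged out 5 s ago, user 8 has no logout row.
$logouts = [ 7 => 1700000000 ];
$now = 1700000005;
$calls = 0;
$stored = [];
$handler = new LogoutClientHintsHandler(
	static function ( int $id ) use ( $logouts ): ?int { return $logouts[$id] ?? null; },
	static function () use ( &$calls ): bool { return ++$calls > 3; }, // allow 3 POSTs
	static function ( int $id, array $hints ) use ( &$stored ): void { $stored[$id] = $hints; },
	static function () use ( $now ): int { return $now; }
);
$headers = [ 'Sec-CH-UA-Platform' => '"Linux"', 'Sec-CH-UA-Mobile' => '?0', 'X-Not-A-Hint' => 'dropped' ];
$r1 = $handler->handle( 7, $headers ); // within the window: stored
$r2 = $handler->handle( 8, $headers ); // no logout row: not stored, same response
$handler->handle( 7, $headers );
$handler->handle( 7, $headers );       // fourth call is over the limit and silently dropped
printf( "responses identical: %s\n", var_export( $r1 === $r2, true ) );
printf( "stored for user ids: %s\n", implode( ',', array_keys( $stored ) ) );
printf( "stored hint names: %s\n", implode( ',', array_keys( $stored[7] ?? [] ) ) );
```

"Is logged out" is not directly observable for an arbitrary id, so the stand-in here is a logout record within a short window, which is why the comment ties this to T324907; if the user has logged back in since, a hints row would still be accepted within that window, so the window should stay short. Because the rate limit is applied before the lookup and the response never varies, an attacker cannot distinguish "no such user", "not logged out" and "over the limit" from the endpoint itself.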