Page MenuHomePhabricator

CreateAccount API call does not set the 'Email' field
Open, Needs TriagePublicBUG REPORT

Description

Hi everyone. I have been experiencing some troubles implementing the createaccount API call.
https://www.mediawiki.org/w/api.php?action=help&modules=createaccount

we are having problems saving the 'Email' field via this api call.

We verified via the following URL which fields we are supposed to be sending and their correct handle.
https://www.projectcest.be/w/api.php?action=query&format=json&meta=authmanagerinfo&formatversion=2&amirequestsfor=create

We have tried the following 2 configurations for our API call.

Option 1: setting the password directly via the API.

$params = [
'form_params' => [
'action' => 'createaccount',
'username' => $userName,
'password' => $password,
'email' => $mail,
'retype' => $password,
'reason' => 'Created By ProjectCest API',
'createreturnurl' => 'http://127.0.0.1:5000/', //FIX: we do not need this URL for our implementation
'createtoken' => $createAccountToken,
'format' => 'json'
]
];

$output = $this->makeCall('POST', $params);

This results in us receiving a status PASS from the API. Our user being created in projectcest but their email is not set to their account! Requesting a password reset for this user will result in no email being sent as there is no email attached to the user!.

Option 2: requiring projectcest to send a password confirmation mail upon account creation

$params = [
'form_params' => [
'action' => 'createaccount',
'username' => $userName,
'email' => $mail,
'mailpassword' => true,
'reason' => 'Created By ProjectCest API',
'createreturnurl' => 'http://127.0.0.1:5000/', //FIX: we do not need this URL for our implementation
'createtoken' => $createAccountToken,
'format' => 'json'
]
];

$output = $this->makeCall('POST', $params);

This results in a status FAILED from the API. We get the error message 'noemailcreate' which would mean the 'email' address we have provided in that field is not being read. The email we have provided is a valid email though so we are not sure why we are receiving this error.

Could you provide us with some support to find out what we are doing wrong? Thanks in advance.

Related Objects

Event Timeline

Current setup: MediaWiki
1.39.10 (704f72b) 7. Okt. 2024, 07:16 / PHP 7.4.33 (apache2handler) /
MariaDB 10.5.26-MariaDB-0+deb11u2)

Reedy renamed this task from Issue CreateAccount API call. to Issue with CreateAccount API call.Nov 8 2024, 3:00 PM
Reedy added a project: MediaWiki-Action-API.
Reedy updated the task description. (Show Details)
Aklapper renamed this task from Issue with CreateAccount API call to CreateAccount API call does not set the 'Email' field.Nov 18 2024, 3:56 PM

Hi everyone,

I wanted to ask at which time frame I could expect some feedback on the issue above. Thanks in advance!

Kind regards,

Merel

Hi, whenever someone volunteers to look into this; see also https://www.mediawiki.org/wiki/Bug_management/Development_prioritization .
If you are looking for support, see https://www.mediawiki.org/wiki/Communication - thanks!

Can you copy the output from api.php?action=query&format=json&meta=authmanagerinfo&formatversion=2&amirequestsfor=create&amimergerequestfields=1?

Can you copy the output from api.php?action=query&format=json&meta=authmanagerinfo&formatversion=2&amirequestsfor=create&amimergerequestfields=1?

{
  "batchcomplete": true,
  "query": {
    "authmanagerinfo": {
      "canauthenticatenow": true,
      "cancreateaccounts": true,
      "canlinkaccounts": false,
      "haspreservedstate": false,
      "hasprimarypreservedstate": false,
      "preservedusername": "",
      "requests": [
        {
          "id": "CaptchaAuthenticationRequest",
          "metadata": {
            "type": "question",
            "mime": "text/html"
          },
          "required": "required",
          "provider": "MediaWiki\\Extension\\ConfirmEdit\\Auth\\CaptchaAuthenticationRequest",
          "account": "CaptchaAuthenticationRequest"
        },
        {
          "id": "MediaWiki\\Auth\\PasswordAuthenticationRequest",
          "metadata": {

          },
          "required": "primary-required",
          "provider": "Password-based authentication",
          "account": ""
        },
        {
          "id": "MediaWiki\\Auth\\UsernameAuthenticationRequest",
          "metadata": {

          },
          "required": "required",
          "provider": "MediaWiki\\Auth\\UsernameAuthenticationRequest",
          "account": "MediaWiki\\Auth\\UsernameAuthenticationRequest"
        },
        {
          "id": "MediaWiki\\Auth\\UserDataAuthenticationRequest",
          "metadata": {

          },
          "required": "required",
          "provider": "MediaWiki\\Auth\\UserDataAuthenticationRequest",
          "account": "MediaWiki\\Auth\\UserDataAuthenticationRequest"
        }
      ],
      "fields": {
        "captchaId": {
          "type": "hidden",
          "value": "1717687990",
          "label": "CAPTCHA ID",
          "help": "This value should be sent back unchanged.",
          "optional": false,
          "sensitive": false
        },
        "captchaInfo": {
          "type": "null",
          "value": "Please enter the magic number \"1080\".",
          "label": "To protect the wiki against automated account creation, we kindly ask you to answer the question that appears below ([[Special:Captcha/help|more info]]):",
          "help": "Description of the CAPTCHA.",
          "optional": false,
          "sensitive": false
        },
        "captchaWord": {
          "type": "string",
          "label": "CAPTCHA",
          "help": "Solution of the CAPTCHA.",
          "optional": false,
          "sensitive": false
        },
        "username": {
          "type": "string",
          "label": "Username",
          "help": "Username for authentication.",
          "optional": false,
          "sensitive": false
        },
        "password": {
          "type": "password",
          "label": "Password",
          "help": "Password for authentication.",
          "optional": false,
          "sensitive": true
        },
        "retype": {
          "type": "password",
          "label": "Retype password:",
          "help": "Password again to confirm.",
          "optional": false,
          "sensitive": true
        },
        "email": {
          "type": "string",
          "label": "Email",
          "help": "Email address",
          "optional": true,
          "sensitive": false
        },
        "realname": {
          "type": "string",
          "label": "Real name",
          "help": "Real name of the user",
          "optional": true,
          "sensitive": false
        }
      }
    }
  }
}

Oh, right, I missed that this is a publicly available wiki.

It seems like setting the email should be supported. Have you required email confirmation ($wgEmailAuthentication)? In that case, the email field would mostly be treated as missing until the user clicks the link in the verification email.

Have you required email confirmation ($wgEmailAuthentication)?

No, it is set to false:

$wgEmailAuthentication = false;

This is basically why we are a bit puzzled about why it is not setting the email.