[go: nahoru, domu]
Page MenuHomePhabricator
Create Task
Maniphest T42050

Allow password reset requests to be handled centrally for unified users
Open, MediumPublic
Actions

Description

Author: akshay.leadindia

Description:
For unified users, password reset requests dont work on wikis where the user has not visited before. This is because a local account for that user has not been created in that wiki. So, after trying to reset password on that wiki, we get an error "The username '$username' is not registered on this wiki, but it does exist in the unified login system". Even if I wanted to create a new account on this current wiki, I wont be allowed to do so citing that my desired username is very similar to/ same as the existing one. As a user, now I need to remember which wiki I had created that account on or any other wiki which I have visited before (as a logged in user) and then try to reset the password there.

As Dantman suggested we cannot allow creating local accounts on wikis where the user has not visited before because you could abuse that to force MW to create local users on wikis that a user will never go. It could be used both as a form of user harassment and as a way to spam the RC even when blocked.

A better approach would be to improve CentralAuth to allow resetting all passwords centrally for unified users.

Should this approach be approved & if it requires significant efforts, I would be interested on making these changes after I am done with SignupAPI

Version: unspecified
Severity: normal

Details

Reference
bz40050

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 1:08 AM
bzimport added a project: MediaWiki-extensions-CentralAuth.
bzimport set Reference to bz40050.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Sep 6 2012, 11:24 AM
werdna unsubscribed.Dec 10 2014, 5:38 PM
Nemo_bis added a project: MediaWiki-Core-AuthManager.Jul 18 2015, 7:24 PM
Nemo_bis subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 18 2015, 7:24 PM
Tgr merged a task: T89459: Modernize MediaWiki authentication system (AuthManager).Aug 27 2015, 7:07 AM
Tgr added a subtask: T89459: Modernize MediaWiki authentication system (AuthManager).
Tgr added subscribers: Krenair, Tgr, Ricordisamoa and 5 others.
Tgr added a comment.Aug 27 2015, 7:12 AM

Not sure if this is still the case, but if it is, AuthManager will make it easy to handle this cleanly: all auth providers will be able handle, ignore or prevent a password change, and the local-password provider will simply ignore (but not prevent) when the local account does not exist. IIRC password resets will be implemented as a special kind of data change and the same principle will apply.

Anomie added a comment.Jun 16 2016, 4:11 PM

AuthManager doesn't really fix this, since TemporaryPasswordPrimaryAuthenticationProvider needs a local user so it can store the temporary password. We'd have to replace that with something CentralAuth-y (along with other changes) to make it be able to work, or change core to move the user_newpassword field out of the user table and into a table indexed by not-necessarily-existing usernames instead.

OTOH, for WMF wikis we have Meta in $wgCentralAuthAutoCreateWikis so https://meta.wikimedia.org/wiki/Special:PasswordReset should generally be usable.

Also, I note that the default error message for this situation has linked to [[Special:CentralAuth/username]] since August 2013 when T39219 was fixed (although it's currently broken, see https://gerrit.wikimedia.org/r/294732 for the fix), so it's just a matter of clicking the link to find a wiki where it will work.

Tgr edited subtasks, added: T151012: CentralAuth should have its own temporary password handling; removed: T89459: Modernize MediaWiki authentication system (AuthManager).Nov 22 2016, 4:06 AM
Aklapper removed subscribers: Anomie, wikibugs-l-list.Oct 16 2020, 5:02 PM
RhinosF1 subscribed.Oct 22 2020, 7:23 AM
Bugreporter added a parent task: T362715: Move credentials change to central login wiki.Mon, Jun 24, 3:52 AM
Tgr added a project: SUL3.EditedMon, Jun 24, 3:27 PM
Tgr added a subscriber: Bugreporter.

Thanks for the reminder @Bugreporter, I didn't think of this but it's definitely a blocker for SUL3 (although for the MVP we can leave it on the local wiki).

We have gu_password_reset_key and gu_password_reset_expiration in globaluser (added way back in rECAU7ab0b090d77d: fiddle a bunch of stuff around to be more robust to global user renames in…) but nothing uses them, so we'll need to reimplement TemporaryPasswordPrimaryAuthenticationProvider in CentralAuth. (They don't match the core column names, user_newpassword and user_newpass_time, which is annoying, but true for a number of globaluser columns, and in general the CA names make more sense.)

The nicer approach, but probably too big to attempt in the middle of another project, would be to do T183420: Authentication data should not be available through the normal DB abstraction layer so core and CentralAuth can use the same authentication provider and just a different password access service.

Tgr added a project: MediaWiki-Platform-Team.Mon, Jul 1, 1:54 PM
larissagaulia assigned this task to matmarex.Mon, Jul 1, 3:09 PM
larissagaulia moved this task from Inbox, needs triage to Current Sprint on the MediaWiki-Platform-Team board.Mon, Jul 8, 2:35 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits