MW API set cookies when using internal calls

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

MW API set cookies when using internal calls

Dian-3
Hi all,
I am trying to create a new layer for the MW API which allows access
over SOAP. I plan to support some often used functions like:
*login / logout
*create / delete a page
*read / update a page
*move a page
For each function I create a query and execute it using the created
ApiMain object.

When requesting an action the user should send the cookies (and the
different tokens). In order to execute the action with proper user
credentials set, I need to set the right cookies.

Which is the best way to set the cookies in the wiki when communicating
directly over ApiMain?

Any suggestions appreciated!

Best regards,
Dian


_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|

Re: MW API set cookies when using internal calls

Roan Kattouw
Dian schreef:

> Hi all,
> I am trying to create a new layer for the MW API which allows access
> over SOAP. I plan to support some often used functions like:
> *login / logout
> *create / delete a page
> *read / update a page
> *move a page
> For each function I create a query and execute it using the created
> ApiMain object.
>
> When requesting an action the user should send the cookies (and the
> different tokens). In order to execute the action with proper user
> credentials set, I need to set the right cookies.
>
> Which is the best way to set the cookies in the wiki when communicating
> directly over ApiMain?
You don't need to. When called in internal mode (i.e. with ApiMain and
FauxRequest) the API will automatically use the user credentials of the
caller. If your clients pass their login cookies to your extension,
MediaWiki's startup code will do all the required magic.

Roan Kattouw (Catrope)

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|

Re: MW API set cookies when using internal calls

Dian-3
Thanks for the fast reply!
But suppose the user just sends a serialized object containing the
cookie-data , i.e. the HTTP headers doesn't include the cookies.
How can I manage to set the cookies in the system after deserializing
them from the XML of the SOAP message?


Best regards,
Dian

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|

Re: MW API set cookies when using internal calls

Roan Kattouw
Dian schreef:
> Thanks for the fast reply!
> But suppose the user just sends a serialized object containing the
> cookie-data , i.e. the HTTP headers doesn't include the cookies.
> How can I manage to set the cookies in the system after deserializing
> them from the XML of the SOAP message?
>  
It's kind of hacky, but it seems there's no clean way to do it. There
should be no scary side-effects AFAICT.

$_SESSION['wsUserId'] = $userid;
$_SESSION['wsUserName'] = $username;
$_SESSION['wsToken'] = $token;

global $wgUser;
$wgUser = User::newFromSession();

Roan Kattouw (Catrope)

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|

Re: MW API set cookies when using internal calls

Bryan Tong Minh
On Mon, Oct 13, 2008 at 6:04 PM, Roan Kattouw <[hidden email]> wrote:

> Dian schreef:
>> Thanks for the fast reply!
>> But suppose the user just sends a serialized object containing the
>> cookie-data , i.e. the HTTP headers doesn't include the cookies.
>> How can I manage to set the cookies in the system after deserializing
>> them from the XML of the SOAP message?
>>
> It's kind of hacky, but it seems there's no clean way to do it. There
> should be no scary side-effects AFAICT.
>
> $_SESSION['wsUserId'] = $userid;
> $_SESSION['wsUserName'] = $username;
> $_SESSION['wsToken'] = $token;
>
> global $wgUser;
> $wgUser = User::newFromSession();
>
> Roan Kattouw (Catrope)
>
> _______________________________________________
> Mediawiki-api mailing list
> [hidden email]
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
>

The fact that session data is not stored within WebRequest is a
problem which I also ran into when rewritting the upload code. Need to
do something about it.

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api