API:Checktoken
This page is part of the MediaWiki Action API documentation. |
GET request to check the validity of a token from the tokens module. It will only work if the request comes from the owner of the token, it can not be used by third parties to check the token's validity, for that you would have to use extensions such as Extension:Third party session verification .
MediaWiki version: | ≥ 1.25 |
API documentation
edit
Example
editGET request
editCheck a CSRF token.
Response
edit{
"checktoken": {
"result": "invalid"
}
}
Sample code
editPython
edit#!/usr/bin/python3
"""
check_token.py
MediaWiki API Demos
Demo of `Checktoken` module: Check a CSRF token.
MIT License
"""
import requests
S = requests.Session()
URL = "https://en.wikipedia.org/w/api.php"
PARAMS = {
"action": "checktoken",
"token": "123ABC",
"type": "csrf",
"format": "json"
}
R = S.get(url=URL, params=PARAMS)
DATA = R.json()
print(DATA)
PHP
edit<?php
/*
check_token.php
MediaWiki API Demos
Demo of `Checktoken` module: Check a CSRF token.
MIT License
*/
$endPoint = "https://en.wikipedia.org/w/api.php";
$params = [
"action" => "checktoken",
"token" => "123ABC",
"type" => "csrf",
"format" => "json"
];
$url = $endPoint . "?" . http_build_query( $params );
$ch = curl_init( $url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
$output = curl_exec( $ch );
curl_close( $ch );
echo( $output );
JavaScript
edit/*
check_token.js
MediaWiki API Demos
Demo of `Checktoken` module: Check a CSRF token.
MIT License
*/
var url = "https://en.wikipedia.org/w/api.php";
var params = {
action: "checktoken",
token: "123ABC",
type: "csrf",
format: "json"
};
url = url + "?origin=*";
Object.keys(params).forEach(function(key){url += "&" + key + "=" + params[key];});
fetch(url)
.then(function(response){return response.json();})
.then(function(response) {console.log(response);})
.catch(function(error){console.log(error);});
MediaWiki JS
edit/*
check_token.js
MediaWiki API Demos
Demo of `Checktoken` module: Check a CSRF token.
MIT License
*/
var params = {
action: 'checktoken',
token: '123ABC',
type: 'csrf',
format: 'json'
},
api = new mw.Api();
api.get( params ).done( function ( data ) {
console.log( data );
} );
Possible errors
editCode | Info |
---|---|
notoken | The token parameter must be set. |
notype | The type parameter must be set. |
unknown_type | Unrecognized value for parameter type: ###. |