API:Resetpassword

This page is part of the MediaWiki Action API documentation.

MediaWiki version:

≥ 1.27

POST request to reset password for all users with an email address.

API documentation

The following documentation is the output of Special:ApiHelp/resetpassword, automatically generated by the pre-release version of MediaWiki that is running on this site (MediaWiki.org).

action=resetpassword

(main | resetpassword)

This module requires read rights.
This module requires write rights.
This module only accepts POST requests.
Source: MediaWiki
License: GPL-2.0-or-later

Send a password reset email to a user.

https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data

Specific parameters:

Other general parameters are available.

user: User being reset.; Type: user, by username
email: Email address of the user being reset.
token: A "csrf" token retrieved from action=query&meta=tokens; This parameter is required.

Examples:

Send a password reset email to user Example.: api.php?action=resetpassword&user=Example&token=123ABC [open in sandbox]
Send a password reset email for all users with email address user@example.com.: api.php?action=resetpassword&user=user@example.com&token=123ABC [open in sandbox]

Example

Making any POST request is a multi-step process:

GET an edit/CSRF token as shown here API:Tokens
api.php?action=query&format=json&meta=tokens [try in ApiSandbox]
Send a POST request, with the CSRF token, to reset password for all users with an email address.

The sample codes below cover these steps.

POST request

Reset the password for all users with email address user@mediawiki.org.

api.php?action=resetpassword&email=user@mediawiki.org&token=0123456789012345678901234567890123456789%2b%5c&format=json [try in ApiSandbox]

Response

{
  "resetpassword": {
    "status": "success"
  }

Sample code

Python

#!/usr/bin/python3

"""
    reset_password.py

    MediaWiki API Demos
    Demo of `Resetpassword` module: RReset password for all users with an email address.

    MIT license
"""
import requests

S = requests.Session()

URL = "https://test.wikipedia.org/w/api.php"

# Step 1: Retrieve a login token
PARAMS_1 = {
    "action": "query",
    "meta": "tokens",
    "type": "login",
    "format": "json"
}

R = S.get(url=URL, params=PARAMS_1)
DATA = R.json()

LOGIN_TOKEN = DATA['query']['tokens']['logintoken']

# Step 2: Send a POST request to log in. For this login
# method, obtain credentials by first visiting
# https://www.test.wikipedia.org/wiki/Manual:Bot_passwords
# See https://www.mediawiki.org/wiki/API:Login for more
# information on log in methods.
PARAMS_2 = {
    "action": "login",
    "lgname": "user_name",
    "lgpassword": "password",
    "format": "json",
    "lgtoken": LOGIN_TOKEN
}

R = S.post(URL, data=PARAMS_2)
DATA = R.json()

# Step 3: While logged in, retrieve a CSRF token
PARAMS_3 = {
    "action": "query",
    "meta": "tokens",
    "format": "json"
}

R = S.get(url=URL, params=PARAMS_3)
DATA = R.json()

CSRF_TOKEN = DATA["query"]["tokens"]["csrftoken"]

# Step 4: Send a POST request to reset the password for all
# users with e-mail address user@mediawiki.org.

PARAMS_4 = {
    "token":CSRF_TOKEN,
    "action":"resetpassword",
    "email":"user@mediawiki.org",
    "format":"json"
    }

R = S.post(URL, data=PARAMS_4)
DATA = R.text

print(DATA)

PHP

<?php

/*
    reset_password.php

    MediaWiki API Demos
    Demo of `Resetpassword` module: Reset password for all users with an email address.

    MIT license
*/
$endPoint = "https://test.wikipedia.org/w/api.php";

$csrf_Token = getCSRFToken(); // Step 1
resetPassword( $csrf_Token ); // Step 2

// Step 1: GET request to fetch CSRF token
function getCSRFToken() {
	global $endPoint;

	$params1 = [
		"action" => "query",
		"meta" => "tokens",
		"format" => "json"
	];

	$url = $endPoint . "?" . http_build_query( $params1 );

	$ch = curl_init( $url );

	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );

	$result = json_decode( $output, true );
	return $result["query"]["tokens"]["csrftoken"];
}

# Step 2: Send a POST request  to reset the password for all
# users with e-mail address user@mediawiki.org.
function resetPassword( $csrftoken ) {
	global $endPoint;
	
	$params2 = [
        "action" => "resetpassword",
        "email" => "user@mediawiki.org",
		"format" => "json",
		"token" => $csrftoken
	];
  
	$ch = curl_init();

	curl_setopt( $ch, CURLOPT_URL, $endPoint );
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params2 ) );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$response = curl_exec($ch);
	curl_close($ch);

	echo ($response);
}

JavaScript

/*
    reset_password.js

    MediaWiki API Demos
    Demo of `Resetpassword` module: Reset password for all users with an email address.

    MIT license
*/
var request = require("request").defaults({jar: true}),
url = "https://test.wikipedia.org/w/api.php";

// Step 1: GET Request to fetch login token
function getLoginToken() {
    var params_0 = {
        action: "query",
        meta: "tokens",
        type: "login",
        format: "json"
    };
    request.get({ url: url, qs: params_0 }, function (error, res, body) {
        if (error) {
            return;
        }
        var data = JSON.parse(body);
        loginRequest(data.query.tokens.logintoken);
    });
}

// Step 2: POST request to log in. 
// Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest(login_token) {
    var params_1 = {
        action: "login",
        lgname: "bot_username",
        lgpassword: "bot_password",
        lgtoken: login_token,
        format: "json"
    };
    
    request.post({ url: url, form: params_1 }, function (error, res, body) {
        if (error) {
            return;
        }
        getCsrfToken();
    });
}

// Step 3: GET request to fetch CSRF token
function getCsrfToken() {
    var params_2 = {
        action: "query",
        meta: "tokens",
        format: "json"
    };
    request.get({ url: url, qs: params_2 }, function(error, res, body) {
        if (error) {
            return;
        }
        var data = JSON.parse(body);
        resetPassword(data.query.tokens.csrftoken);
    });
}

// Step 4: Send a POST request  to reset the password for all 
// users with e-mail address user@mediawiki.org.
function resetPassword(csrf_token) {
    var params_3 = {
        action: "resetpassword",
        email: "user@mediawiki.org",
        format: "json",
        token: csrf_token
    };
    request.post({ url: url, form: params_3 }, function(error, res, body) {
        if (error) {
            return;
        }
        console.log(body);
    });
}

// Start From Step 1
getLoginToken();

MediaWiki JS

/*
    reset_password.js

    MediaWiki API Demos
    Demo of `Resetpassword` module: Reset password for all users with an email address.

    MIT license
*/

var params = {
    action: 'resetpassword',
    email: 'user@mediawiki.org',
    format: 'json'
},
api = new mw.Api();

api.postWithToken( 'csrf', params ).done( function ( data ) {
console.log( data );
} );

Possible errors


Code	Info
passwordreset-invalidemail	Invalid email address
passwordreset-nodata	Neither a username nor an email address was supplied
invalidparammix	The parameters `user`, `email` can not be used together.
missingparam	One of the parameters `user`, `email` is required.