API:Resetpassword
This page is part of the MediaWiki Action API documentation. |
MediaWiki version: | ≥ 1.27 |
POST request to reset password for all users with an email address.
API documentation
Example
Making any POST request is a multi-step process:
- GET an edit/CSRF token as shown here API:Tokens
- Send a POST request, with the CSRF token, to reset password for all users with an email address.
The sample codes below cover these steps.
POST request
Reset the password for all users with email address user@mediawiki.org.
api.php? action=resetpassword& email=user@mediawiki.org& token=0123456789012345678901234567890123456789%2b%5c& format=json [try in ApiSandbox]
Response
{
"resetpassword": {
"status": "success"
}
Sample code
Python
#!/usr/bin/python3
"""
reset_password.py
MediaWiki API Demos
Demo of `Resetpassword` module: RReset password for all users with an email address.
MIT license
"""
import requests
S = requests.Session()
URL = "https://test.wikipedia.org/w/api.php"
# Step 1: Retrieve a login token
PARAMS_1 = {
"action": "query",
"meta": "tokens",
"type": "login",
"format": "json"
}
R = S.get(url=URL, params=PARAMS_1)
DATA = R.json()
LOGIN_TOKEN = DATA['query']['tokens']['logintoken']
# Step 2: Send a POST request to log in. For this login
# method, obtain credentials by first visiting
# https://www.test.wikipedia.org/wiki/Manual:Bot_passwords
# See https://www.mediawiki.org/wiki/API:Login for more
# information on log in methods.
PARAMS_2 = {
"action": "login",
"lgname": "user_name",
"lgpassword": "password",
"format": "json",
"lgtoken": LOGIN_TOKEN
}
R = S.post(URL, data=PARAMS_2)
DATA = R.json()
# Step 3: While logged in, retrieve a CSRF token
PARAMS_3 = {
"action": "query",
"meta": "tokens",
"format": "json"
}
R = S.get(url=URL, params=PARAMS_3)
DATA = R.json()
CSRF_TOKEN = DATA["query"]["tokens"]["csrftoken"]
# Step 4: Send a POST request to reset the password for all
# users with e-mail address user@mediawiki.org.
PARAMS_4 = {
"token":CSRF_TOKEN,
"action":"resetpassword",
"email":"user@mediawiki.org",
"format":"json"
}
R = S.post(URL, data=PARAMS_4)
DATA = R.text
print(DATA)
PHP
<?php
/*
reset_password.php
MediaWiki API Demos
Demo of `Resetpassword` module: Reset password for all users with an email address.
MIT license
*/
$endPoint = "https://test.wikipedia.org/w/api.php";
$csrf_Token = getCSRFToken(); // Step 1
resetPassword( $csrf_Token ); // Step 2
// Step 1: GET request to fetch CSRF token
function getCSRFToken() {
global $endPoint;
$params1 = [
"action" => "query",
"meta" => "tokens",
"format" => "json"
];
$url = $endPoint . "?" . http_build_query( $params1 );
$ch = curl_init( $url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );
$output = curl_exec( $ch );
curl_close( $ch );
$result = json_decode( $output, true );
return $result["query"]["tokens"]["csrftoken"];
}
# Step 2: Send a POST request to reset the password for all
# users with e-mail address user@mediawiki.org.
function resetPassword( $csrftoken ) {
global $endPoint;
$params2 = [
"action" => "resetpassword",
"email" => "user@mediawiki.org",
"format" => "json",
"token" => $csrftoken
];
$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $endPoint );
curl_setopt( $ch, CURLOPT_POST, true );
curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params2 ) );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );
$response = curl_exec($ch);
curl_close($ch);
echo ($response);
}
JavaScript
/*
reset_password.js
MediaWiki API Demos
Demo of `Resetpassword` module: Reset password for all users with an email address.
MIT license
*/
var request = require("request").defaults({jar: true}),
url = "https://test.wikipedia.org/w/api.php";
// Step 1: GET Request to fetch login token
function getLoginToken() {
var params_0 = {
action: "query",
meta: "tokens",
type: "login",
format: "json"
};
request.get({ url: url, qs: params_0 }, function (error, res, body) {
if (error) {
return;
}
var data = JSON.parse(body);
loginRequest(data.query.tokens.logintoken);
});
}
// Step 2: POST request to log in.
// Use of main account for login is not
// supported. Obtain credentials via Special:BotPasswords
// (https://www.mediawiki.org/wiki/Special:BotPasswords) for lgname & lgpassword
function loginRequest(login_token) {
var params_1 = {
action: "login",
lgname: "bot_username",
lgpassword: "bot_password",
lgtoken: login_token,
format: "json"
};
request.post({ url: url, form: params_1 }, function (error, res, body) {
if (error) {
return;
}
getCsrfToken();
});
}
// Step 3: GET request to fetch CSRF token
function getCsrfToken() {
var params_2 = {
action: "query",
meta: "tokens",
format: "json"
};
request.get({ url: url, qs: params_2 }, function(error, res, body) {
if (error) {
return;
}
var data = JSON.parse(body);
resetPassword(data.query.tokens.csrftoken);
});
}
// Step 4: Send a POST request to reset the password for all
// users with e-mail address user@mediawiki.org.
function resetPassword(csrf_token) {
var params_3 = {
action: "resetpassword",
email: "user@mediawiki.org",
format: "json",
token: csrf_token
};
request.post({ url: url, form: params_3 }, function(error, res, body) {
if (error) {
return;
}
console.log(body);
});
}
// Start From Step 1
getLoginToken();
MediaWiki JS
/*
reset_password.js
MediaWiki API Demos
Demo of `Resetpassword` module: Reset password for all users with an email address.
MIT license
*/
var params = {
action: 'resetpassword',
email: 'user@mediawiki.org',
format: 'json'
},
api = new mw.Api();
api.postWithToken( 'csrf', params ).done( function ( data ) {
console.log( data );
} );
Possible errors
Code | Info |
---|---|
passwordreset-invalidemail | Invalid email address |
passwordreset-nodata | Neither a username nor an email address was supplied |
invalidparammix | The parameters user, email can not be used together. |
missingparam | One of the parameters user, email is required. |
See also
- API:Validatepassword - Validate a password against the wiki's password policies.