API:Validatepassword

POST request to validate password against wiki's password policies.

MediaWiki version:
1.29

API documentation

action=validatepassword

(main | validatepassword)
  • This module requires read rights.
  • This module only accepts POST requests.
  • Source: MediaWiki
  • License: GPL-2.0-or-later

Validate a password against the wiki's password policies.

Validity is reported as Good if the password is acceptable, Change if the password may be used for login but must be changed, or Invalid if the password is not usable.

Specific parameters:
Other general parameters are available.
password

Password to validate.

This parameter is required.
user

Username, for use when testing account creation. The named user must not exist.

Type: user, by any of username and user ID (e.g. "#12345")
email

Email address, for use when testing account creation.

realname

Real name, for use when testing account creation.

Examples:
Validate the password foobar for the current user.
api.php?action=validatepassword&password=foobar [open in sandbox]
Validate the password qwerty for creating user Example.
api.php?action=validatepassword&password=querty&user=Example [open in sandbox]


Example

POST request

Validate a password against the wiki's password policies.

Response

{
    "validatepassword": {
        "validity": "Good"
    }
}

Sample code

Python

#!/usr/bin/python3

"""
    validatepassword.py

    MediaWiki Action API Code Samples
    Demo of `Validatepassword` module: Validate a password against the wiki's password policies.
    MIT license
"""

import requests

URL = "https://en.wikipedia.org/w/api.php"

S = requests.Session()

PARAMS = {
    "action": "validatepassword",
    "format": "json",
    "password": "",
}

R = S.post(URL, data=PARAMS)
DATA = R.json()

print(DATA)

PHP

<?php

/*
    validatepassword.php

    MediaWiki Action API Code Samples
    Demo of `Validatepassword` module: Validate a password against the wiki's password policies.
    MIT license
"""
*/

$endPoint = "https://en.wikipedia.org/w/api.php";

$validate_password = validatePassword();

function validatePassword() {
	global $endPoint;
	
	$params = [
		"action" => "validatepassword",
		"password" => "my_password",
		"format" => "json"
	];
		
	$ch = curl_init();

	curl_setopt( $ch, CURLOPT_URL, $endPoint );
	curl_setopt( $ch, CURLOPT_POST, true );
	curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query( $params ) );
	curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
	curl_setopt( $ch, CURLOPT_COOKIEJAR, "cookie.txt" );
	curl_setopt( $ch, CURLOPT_COOKIEFILE, "cookie.txt" );

	$output = curl_exec( $ch );
	curl_close( $ch );
}

JavaScript

/*
    validatepassword.js

    MediaWiki Action API Code Samples
    Demo of `Validatepassword` module: Validate a password against the wiki's password policies.
    MIT license
*/


var request = require("request").defaults({jar: true}),
url = 'https://en.wikipedia.org/w/api.php';

function validatePassword() {
    var params = {
        action: "validatepassword",
        password: "your_password",
        format: "json"
    };
    
    request.post({ url: url, form: params }, function (error, res, body) {
        if (error) {
            return;
        }
        console.log(body);
    });
}

MediaWiki JS

/*
    validatepassword.js

    MediaWiki Action API Code Samples
    Demo of `Validatepassword` module: Validate a password against the wiki's password policies.
    MIT license
*/

    var params = {
        action: "validatepassword",
        password: "my_password",
        format: "json"
    },
	api = new mw.Api();

api.postWithToken( 'csrf', params ).done( function ( data ) {
	console.log( data );
} );

Possible errors

Code Info
userexists Username entered already in use.

Please choose a different name.

nopassword The password parameter must be set.
baduser Invalid value "username" for user parameter user.

Additional notes

  • Validity is reported as:
    • Good - if the password is acceptable
    • Change - if the password may be used for login but must be changed
    • Invalid - if the password is not usable.