Extension:EmailAuth/Hooks/EmailAuthRequireToken
| EmailAuthRequireToken | |
|---|---|
| Available from version ??? Decide whether verification via email is required for this login to succeed (and optionally modify the messaging) |
|
| Define function: | public static function onEmailAuthRequireToken( $user, &$verificationRequired, &$formMessage, &$subject, &$body, &$bodyHtml ) { ... }
|
| Attach hook: | $wgHooks['EmailAuthRequireToken'][] = 'MyExtensionHooks::onEmailAuthRequireToken';
|
| Called from: | File(s): EmailAuth / includes/EmailAuthSecondaryAuthenticationProvider.php |
For more information about attaching hooks, see Manual:Hooks.
For examples of other extensions using this hook, see Category:EmailAuthRequireToken extensions.
The hook will be called on every login that would be successful. When $verificationRequired is changed to true, an extra step is added to the login: a six-letter verification code is emailed to the user, and must be entered for the login to succeed.
The meaning of the parameters:
$user(User): The user trying to log in.&$verificationRequired: (bool) Change this to true to enable verification.&$formMessage: (Message) Message telling the user they need to do an extra verification step.&$subject: (string) subject of the email with the verification code&$body: (string) body of the email with the verification code; last parameter must be the token and will be set later&bodyHtml: (string) body of the email with the verification code in HTML format.
An example that will force email verification for all admins who do not use OATH:
$wgHooks['EmailAuthRequireToken'][] = function (
$user,
&$verificationRequired,
&$formMessage,
&$subject,
&$body,
&$bodyHtml
) {
if (
class_exists( OATHAuthUtils::class ) &&
OATHAuthUtils::isEnabledFor( $user )
) {
return;
}
if ( $user->isAllowed( 'delete' ) ) {
$verificationRequired = true;
return false;
}
};