Extension:UserVerification

• Download and move the extracted UserVerification folder to your extensions/ directory
• Run composer update --no-dev in the extension's folder, to install the required PHP libraries
• Add the following code at the bottom of your LocalSettings.php

wfLoadExtension( 'UserVerification' );

• Run php maintenance/update.php (it will create the database tables that this extension needs)
• run php extensions/UserVerification/maintenance/CreateKeys.php --password [your password] in order to create a site-level password by which to encrypt/decrypt all sensitive data, including files with ID and proof of residence, entered by users.
•   Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.

The extension provides a special page by which to monitor and manage the verification status of all users, with relevant information like "email authenticated", "editcount", "autoconfirmed", etc. The verification status can be edited by authorized users between the values "none", "pending", "verified", "not required".

As long as an action is added to the global parameter $wgUserVerificationRequireUserVerifiedActions and the user does not have the right "userverification-can-manage-verification", the action is forbidden until the status of the user is not verified.

The extension will therefore show a message to the user, with a link to the following form:

by which the user is required to enter the following information:

• first name
• last name
• sex (includes the option "decline sex identity")
• date of birth
• place of birth
• country of birth
• country of residence
• address of residence
• email
• phone number (optional)
• proof of identity (file)
• proof of residence (file)

Note that these are standard information required for an official identification and they are fit to adequately identify an user. Future versions of the extensions may also feature alternate methods for user verification, like Orchid, Credas, Twitter, Linked-in, Facebook, Github, etc., only upon explicit request. ^[1].

Also note that all the entered data are encrypted with an asymmetric key created through the maintenance script CreateKeys, and then read through an encrypted private key unlocked through a symmetric encryption. (asymmetric encryption is based on Sodium and symmetric encryption on Defuse php-encryption.

Once that the user has inserted their data, they will be accessible from the Special page Manage users, after inserting the site-level password (required to decrypt the private key)

Also note that in order to let the users upload files, the folder specified from the parameter $UserVerificationUploadDir ("{$IP}/../MWUploads/UserVerification" by default) must be writable by the webserver.

Example configuration:

$wgUserVerificationEmailConfirmToEdit = true;
$wgUserVerificationRequireUserVerifiedActions = [ 'edit' ];
$wgUserVerificationUploadDir = "{$IP}/../MWUploads/UserVerification";

The extension creates the following groups: (they are assignable to users through the standard special page Special:UserRights)

The extension creates the following user rights.

• add Extension:Echo notifications for admins on user registration
• show alert to users after sign-up to require email verification (if $wgUserVerificationEmailConfirmToEdit is set to true)
• add alternative user verification like Orchid, Credas, Twitter, Linked-in, Facebook, Github, etc. (only on request, please write at the email address posted here)

• Extension:EmailNotifications
• Extension:PageOwnership
• Extension:PageEncryption
• Extension:InviteSignup
• Extension:ConfirmAccount