Manual:Hooks/AuthManagerLoginAuthenticateAudit
AuthManagerLoginAuthenticateAudit | |
---|---|
Available from version 1.27.0 A login attempt either succeeded or failed for a reason other than misconfiguration or session loss. No return data is accepted; this hook is for auditing only. | |
Define function: | public static function onAuthManagerLoginAuthenticateAudit( $response, $user, $username, $extraData ) { ... }
|
Attach hook: | In extension.json:
{
"Hooks": {
"AuthManagerLoginAuthenticateAudit": "MediaWiki\\Extension\\MyExtension\\Hooks::onAuthManagerLoginAuthenticateAudit"
}
}
|
Called from: | File(s): auth/AuthManager.php |
Interface: | AuthManagerLoginAuthenticateAuditHook.php |
For more information about attaching hooks, see Manual:Hooks .
For examples of extensions using this hook, see Category:AuthManagerLoginAuthenticateAudit extensions.
Details
edit- $response - the
MediaWiki\Auth\AuthenticationResponse
in either a PASS or FAIL state. (Note that while FAIL usually means that the system found the login attempt invalid and prevented it, that's not always the case. It could also be caused by some sort of internal error preventing an otherwise valid attempt, e.g. user autocreation failing due to a database transaction timeout. The error message in the response will help tell those cases apart.) - $user - if the authentication process got to the point where the identity of the user could be determined, this will contain the corresponding
User
object; otherwise, null. More specifically, this parameter will be set if primary authentication was successful (e.g. successfully providing the username and password but then failing a TOTP check will result in a FAIL with a filled $user parameter). - $username - a guess at the user name being authenticated, or null if we can't even determine that. (The latter can happen e.g. when using something like GoogleLogin where the user just clicks a button without entering any username.)
- $extraData - an associative array with additional data:
- performer - the
User
object performing the login. Usually this is the anonymous user, but logged-in users can also use the login page to log into a different account. Since MediaWiki 1.42 - appId - the application ID (bot name). Only present when logging in with a bot password.
- performer - the
Before AuthManager, the LoginAuthenticateAudit hook was used.