Available from version 1.10.0
Removed in version 1.27.0
A login attempt for a valid user account either succeeded or failed. No return data is accepted; this hook is for auditing only.
Define function:
public static function onLoginAuthenticateAudit( $user, $password, $retval ) { ... }
Attach hook: In extension.json:
	"Hooks": {
		"LoginAuthenticateAudit": "MediaWiki\\Extension\\MyExtension\\Hooks::onLoginAuthenticateAudit"
Called from: File(s): specials/SpecialUserLogin.php
Interface: LoginAuthenticateAuditHook.php

For more information about attaching hooks, see Manual:Hooks .
For examples of extensions using this hook, see Category:LoginAuthenticateAudit extensions.


  • $user: The User object being authenticated against.
  • $password: The password being submitted and found wanting.
  • $retval: A LoginForm class constant with authenticateUserData() return value (LoginForm::SUCCESS, LoginForm::WRONG_PASS, etc).