如何使用API​​登錄或clientlogin自動登錄mediawiki？

Question

大多數指南我都可以在版本1.27之前找到工作。 對於如何設置cookie感到如此迷惑？我如何獲得sessionid？
這是我的代碼，但沒有正確獲取登錄令牌。
系統信息：
軟件版本
MediaWiki 1.28.2
PHP 5.6.30
MariaDB 10.1.21

<?php
namespace mediawiki;


// Start session
session_start();

/**
 * How to log in mediawiki using PHP cURL?
 * -------------------------------------------------
 */

//set login username password which already in your mediawiki database
$username = 'abc';
$password = '123';

//setup url
$Root = 'localhost/mediawiki';
$API_Location = "${Root}/api.php";

//setup cookie
$CookieFilePath = tempnam("/tmp", "TMP0");
$expire = 60*60*24*14 + time();
$CookiePrefix = 'theprefix';
$Domain = 'localhost';

// set variables to use in curl_setopts
$PostFields = "action=query&meta=tokens&type=login&format=json";

// first http post to sign in to MediaWiki
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$API_Location");
curl_setopt($ch, CURLOPT_TIMEOUT, 500);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Content-Type: application/x-www-form-urlencoded',
    'Content-Length: ' .strlen($PostFields))
);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "$PostFields");

curl_setopt($ch, CURLOPT_COOKIEJAR, $CookieFilePath);
curl_setopt($ch, CURLOPT_COOKIEFILE, $CookieFilePath);

$Result = curl_exec($ch);
if(curl_exec($ch) === false) echo '<br>Curl error: ' . curl_error($ch).'<br>';
curl_close($ch); // curl closed

$ResultSerialized = json_decode($Result,true);
$Token = $ResultSerialized["query"]["tokens"]["logintoken"];

// cookie must be set using session id from first response
$_SESSION["logintoken"]=$Token;
//How can I get sessionid?
$sessionid=session_id();
$_SESSION["sessionid"] =$sessionid;

setcookie("${CookiePrefix}_Session",$sessionid , $expire, '/', $Domain);
setcookie("${CookiePrefix}UserName",$username,$expire,'/',$Domain);
setcookie("${CookiePrefix}Token", $_SESSION["logintoken"], $expire, '/', $Domain);

// second http post to finish sign in
$ch = curl_init();
$PostFields="action=login&lgname=${username}&lgpassword=${password}&lgtoken=${Token}&format=json";
curl_setopt($ch, CURLOPT_URL, "$API_Location");
curl_setopt($ch, CURLOPT_TIMEOUT, 500);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
       'Content-Type: application/x-www-form-urlencoded',
        'Content-Length: ' .strlen($PostFields))
);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "$PostFields");
curl_setopt($ch, CURLOPT_COOKIE, "${CookiePrefix}_session=$sessionid");

curl_setopt($ch, CURLOPT_COOKIEJAR, $CookieFilePath);
curl_setopt($ch, CURLOPT_COOKIEFILE, $CookieFilePath);

$Result = curl_exec($ch);
if(curl_exec($ch) === false) echo '<br>Curl error: ' . curl_error($ch).'<br>';
curl_close($ch); // curl closed
$ResultSerialized = json_decode($Result,true);

// set persistent cookies
//$LgToken = $ResultSerialized["query"]["tokens"]["logintoken"];
$LgUserID = $ResultSerialized["login"]["lguserid"];
$LgUserName = $ResultSerialized["login"]["lgusername"];
$lgstatus=$ResultSerialized["login"]["result"];
var_dump($lgstatus);

setcookie("${CookiePrefix}UserName", $LgUserName, $expire, '/', $Domain);
setcookie("${CookiePrefix}UserID", $LgUserID, $expire, '/', $Domain);
//setcookie("${CookiePrefix}Token", $Token, $expire, '/', $Domain);

// Delete cURL cookie
unlink($CookieFilePath);

?>

我也嘗試通過郵遞員使用clientlogin，發布請求完全像mediawiki.org/wiki/API:Login上的示例，但結果：“authmanager-authn-no-primary”。

參考：

• 如何使用PHP cURL登錄mediawiki？
• https://mediawiki.org/wiki/User:Krinkle/API_PHP_cURL_example
• https://mediawiki.org/wiki/API:Login/de/1_Beispiel
• https://mediawiki.org/wiki/API:Login

Answer 1

要登錄，您需要首先獲取一個logintoken ：

$query_string = '?action=query&meta=tokens&type=login&format=json';
...// sparing curl_exec details
$ResultSerialized = json_decode($Result, true);
$Token = $ResultSerialized['query']['tokens']['logintoken'];

然后，您發布logintoken以及您的用戶名和密碼：

$post_data = "?action=login&lgname=$username&lgpassword=password&logintoken=$Token&format=json";

你應該登錄！ 只要您在所有請求之間保持相同的cookie會話，您就應該能夠使用登錄操作。