Extension:ConfirmAccount
ConfirmAccount Release status: stable |
|
---|---|
Implementation | User identity , Database , Special page |
Description | Requires submission and approval of accounts. |
Author(s) | Aaron Schulztalk |
Compatibility policy | Snapshots releases along with MediaWiki. Master is not backward compatible. |
MediaWiki | >= 1.37.0 |
Database changes | Yes |
Tables | account_requests account_credentials |
License | GNU General Public License 2.0 or later |
Download | README |
|
|
|
|
Quarterly downloads | 174 (Ranked 34th) |
Public wikis using | 953 (Ranked 279th) |
Translate the ConfirmAccount extension if it is available at translatewiki.net | |
Issues | Open tasks · Report a bug |
The ConfirmAccount extension disables direct account creation and requires the approval of new accounts by a bureaucrat. Direct account creation can still be enabled (if you want Administrators /Bureaucrats to be able to directly make them) by configuring User rights .
The ConfirmEdit extension can be used (in conjunction with the ConfirmAccount extension) in order to use captchas to stop flood requests (since version 1.39).
Installation
- Download and move the extracted
ConfirmAccount
folder to yourextensions/
directory.
Developers and code contributors should install the extension from Git instead, using:cd extensions/
git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/ConfirmAccount - Add the following code at the bottom of your LocalSettings.php file:
wfLoadExtension( 'ConfirmAccount' ); $wgGroupPermissions['*']['createaccount'] = false; // REQUIRED to enforce account requests via this extension $wgGroupPermissions['bureaucrat']['createaccount'] = true; // optional to allow account creation by this trusted user group
- Run the update script which will automatically create the necessary database tables that this extension needs.
- Further configure as required.
- Ensure the wiki has write permissions on
$wgUploadDirectory
. - Please also note the known issues, because they may affect your wiki.
- Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.
Configuration
Optional
There are several configuration variables that can be adjusted in LocalSettings.php , after wfLoadExtension('ConfirmAccount');
See part "config"
in extension.json for all the variables that can be set.
$wgMakeUserPageFromBio = false;
$wgConfirmAccountRequestFormItems['Biography']['enabled'] = false;
$wgConfirmAccountRequestFormItems['Biography']['minWords'] = 10;
$wgGroupPermissions['sysop']['createaccount'] = false;
For example:
$wgWhitelistRead = [
'Special:RequestAccount',
'Main Page'
];
To further categorize users based on their interests, you can set up MediaWiki:Requestaccount-areas. This should be in a format like:
- *Topic|Topic wiki page|text to append to all interested users' bios |text to append to all interested users' bios in group0|text to append to all interested users' bios group1|text to append to all interested users' bios in group2|...
These group numbers are based on $wgAccountRequestTypes
.
So if 0 is the index for 'authors', then 'authors' interested in a topic will have the group0 text appended to their biography.
This can be useful, say, if users can be approved as either authors or editors.
Authors can have "category:X authors" where X is a topic, like "mathematics", and editors can have "category:x editors".
You can have as many groups as you want, but you need at least one.
Minimal
To attempt to prevent spam, instead of captchas, blacklists and filters; manually moderate new user registrations, with a simpler Request account. Requesting only a username, email address and brief message. Add the following to LocalSettings.php after the line require_once "$IP/extensions/ConfirmAccount/ConfirmAccount.php";.
$wgMakeUserPageFromBio = false;
$wgAutoWelcomeNewUsers = false;
$wgConfirmAccountRequestFormItems = [
'UserName' => [ 'enabled' => true ],
'RealName' => [ 'enabled' => false ],
'Biography' => [ 'enabled' => false, 'minWords' => 50 ],
'AreasOfInterest' => [ 'enabled' => false ],
'CV' => [ 'enabled' => false ],
'Notes' => [ 'enabled' => true ],
'Links' => [ 'enabled' => false ],
'TermsOfService' => [ 'enabled' => false ],
];
Optionally tweak system messages: requestaccount-text, requestaccount-notes, requestaccount-ext-text, requestaccount-acc-text.
Usage
- As a bureaucrat (or other user with the confirmaccount permission), browse to
Special:ConfirmAccounts
- Click Review
- You will see the whole form with the users' data. Carefully review the form, and proceed to creating the account or rejecting the request.
- If you chose to create the account, the user's biography will become their userpage and the userpage will be automatically created with the default summary of Creating user page with biography of new user.
- After an account is created, the data input by the user at the time of the request can be referred to by typing the username at
Special:UserCredentials
LocalSettings.php
:
$wgConfirmAccountContact = 'Bureaucrat@domain.com';
Sending notification email to multiple users
This extension allows sending emails to multiple approvers to confirm the account if these users have the confirmaccount-notify
permission.
This is in addition/alternative to the $wgConfirmAccountContact
setting.
This can be achieved (for instance for bureaucrats) by providing them this permission by adding the following to the LocalSettings.php file:
$wgGroupPermissions['bureaucrat']['confirmaccount-notify'] = true;
Enhancements
Pruning Frequency
To combat robot-requests, default settings prevent rejected email accounts from re-requesting an account for a random period of time after rejection. If you want rejected emails to be able to re-request accounts immediately after rejection, or after a fixed wait-time (days, weeks, months, or even years after rejection), apply the following 2 steps:
1) In the LocalSettings.php
file, after required declaration, set Rejected-Age to 0 (for immediate expiration on rejection), or to your desired wait-time, in seconds:
wfLoadExtension( 'ConfirmAccount' );
$wgRejectedAccountMaxAge = 0;
2) Add one line to the file /frontend/specialpages/actions/RequestAccount_body.php
at the very end of the function showForm()
which shows the Request form, to force pruning right before any new request:
original code:
$out->addWikiMsg( 'requestaccount-footer' );
}
new code:
$out->addWikiMsg( 'requestaccount-footer' );
# PRUNE
ConfirmAccount::runAutoMaintenance();
}
"Request account" Link
If you would like to add a "Request account" login link, the latest version of the extension already adds it for you. However, if that doesn't work, you will need to update to the latest version of your branch of ConfirmAccount from Git. For instance, if you are using MediaWiki 1.35, you should stay on the REL1_35 branch but pull from Git to retrieve the latest changes.
Known issues
- If
$wgEmailConfirmToEdit = true;
is set users will need to confirm their email twice before being able to edit. See task T182337 for further information. - Do not set/create MediaWiki:Requestaccount-areas/xx where xx is a language code, the first part of each line is used as the keys to store in the DB for the items account requesters check.
- Older versions of MediaWiki may not show the link to Special:RequestAccount at the user login form. You can edit MediaWiki:loginprompt to remedy this.
- If your email client loses its mail data before sending it out, users will not get their passwords but may have an account. Since no one knows the passwords, you may want to use Special:ResetPassword to send them new ones.
- If only a few people view the confirm accounts page, the randomly triggered pruning of old requests will not trigger often, so old rejected requests may persist. This prevents email addresses from re-requesting accounts for an unknown time period. You can override this behavior, and allow immediate re-requests, by forcing prune right before any new Request is submitted. Instructions here.
- Extension is not working anymore with mediawiki 1.43; see here
- Integration with LDAP Authentication extension
- [solved] Captcha: before version 1.39, the captcha was not validated (see task T168783), there was only a specific patch for hCaptcha (see Topic:W449yd63slfossl2#flow-post-w457lxnfmrb51gct).
Troubleshooting
- Notification emails do not get sent
If you are testing, note that a user must first confirm their email address through the link emailed to them, and then the email will be sent to the bureaucrat to confirm the account.
Make sure that setting(s) related to extension are introduced after the require_once
line.
Not before, otherwise extension doesn't see these settings and they fail silently. e.g.
wfLoadExtension( 'ConfirmAccount' );
$wgConfirmAccountContact = "admin@example.com";
Also note that when using the confirmaccount-notify
setting, that each user in the group (e.g. sysop) will not receive notices unless their Email options in Special:Preferences allow "Allow other users to email me" and that they have confirmed their email address within the same form.
See also
- Extension:InviteSignup, for administrator-initiated (mass) account creation
- TwnMainPage extension, offering a "sandbox" where user can create an unprivileged account, propose some edits and ask approval
- Extension:Semantic Signup
- Extension:AcceptTermsOfUse - Allows for enforcing Terms of Use for self-service account creation.
This extension is included in the following wiki farms/hosts and/or packages: This is not an authoritative list. Some wiki farms/hosts and/or packages may contain this extension even if they are not listed here. Always check with your wiki farms/hosts or bundle to confirm. |