Question
I've locked down my MediaWiki instance so only registered users can read or write to it (it's "private"). This means any API requests need to be authenticated. From what I can tell, the only way to do so is by "logging in" with credentials, setting cookies on the server then making new requests with a special token you get after you log in.
Instead I would like to send my credentials to log in for every single request, so not to worry about setting cookies or tokens. This means I only need to make one request, not several, but each request would "log in".
Eg:
http://mywiki.com/api.php?action=query&dowhatever&username=MyName&password=MyPassword
or by sending special HTTP headers.
Can it be done? Has anyone made an extension to allow this?
Solution
It doesn't appear to be possible by default. You need to use/write an extension.
I wrote my own API script that bypasses all of the default MediaWiki code (including security which is good and bad). It needs work and it has obvious security flaws, but it's a start. I don't recommend it for a production website. Here it is.
OTHER TIPS
There is no way to do this. You only need to log in once, though, to get a cookie for the session. You'll need to make sure you pass this cookie back in future API requests. See https://www.mediawiki.org/wiki/Api for more details.
https://stackoverflow.com/questions/19151104
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian