Active Tasks By Project

Project: MediaWiki-Authentication-and-authorization

Switch to All Tasks 31 Phabricator task(s).

Phabricator Link	Wiki Link	Status	Priority	Author	Assignee	Projects	Subtasks	Parent Tasks
T120484	T120484: Create password-authentication service for use by CentralAuth	open	Medium (orange)	csteipp (Chris Steipp)		MediaWiki-extensions-CentralAuth (Incoming) MediaWiki-Authentication-and-authorization (Backlog)	T88811: Develop use-cases & user stories for authnz service	T140813: Protect sensitive user-related information with a UserData / auth / session service
T133452	T133452: RFC: Create temporary accounts for anonymous editors	open	Needs Triage (violet)	Tgr (Gergő Tisza)		WMF-Legal (Assigned) Privacy Security-Team-Services (Privacy Engineering) (Watching) MediaWiki-Authentication-and-authorization (Backlog) User-Tgr (Backlog) TechCom-RFC (P2: Resource)
T134842	T134842: SpecialCentralAutoLogin calls User::saveSettings() on HTTP GET presend	open	Medium (orange)	aaron (Aaron Schulz)		Sustainability (Tag) MediaWiki-extensions-CentralAuth (Incoming) MediaWiki-Authentication-and-authorization (Backlog)		T92357: Fix database master queries from HTTP GET/HEAD before active-active multi-dc
T154552	T154552: ApiLogin should not open master connection to centralauth DB	stalled	Medium (orange)	Catrope (Roan Kattouw)		MediaWiki-Authentication-and-authorization (Backlog) MediaWiki-extensions-CentralAuth (Incoming) Sustainability (MediaWiki-MultiDC) (Later)	T150506: Avoid lazyImportLocalNames() master writes on GET requests (Run a script to backfill them once for all)
T154946	T154946: Trying to log in using a BotPassword from the wrong IP gives incorrect password error	open	Needs Triage (violet)	Krenair (Alex Monk)		MediaWiki-API (Needs details or plan) MediaWiki-Authentication-and-authorization (Backlog)
T158365	T158365: Session "{session}": Metadata merge failed: {exception}	open	Medium (orange)	thcipriani (Tyler Cipriani)		Platform Engineering (Icebox) MediaWiki-Authentication-and-authorization (Backlog) MediaWiki-extensions-CentralAuth (Incoming) Wikimedia-production-error (Older)
T179752	T179752: Clear site data on MediaWiki log out	open	Medium (orange)	Krinkle (Timo Tijhof)		Performance-Team (Radar) (Watching) MediaWiki-Authentication-and-authorization (Backlog) Analytics (Analytics-Radar) (Radar - Watching) Security-Team-Services (Privacy Engineering) (Backlog)
T181687	T181687: Give RESTBase / MCS requests the apihighlimits right	open	Needs Triage (violet)	Tgr (Gergő Tisza)		Services (watching) MediaWiki-Authentication-and-authorization (Backlog) RESTBase (Backlog) Platform Team Legacy (Watching / External) Mobile-Content-Service (Incoming) Product-Infrastructure-Team-Backlog (Tracking)
T181869	T181869: Error "Session {session}: Metadata has an anonymous user, but a non-anon user was provided"	open	Medium (orange)	Krinkle (Timo Tijhof)		Platform Team Workboards (Clinic Duty Team) (Later) MediaWiki-Authentication-and-authorization (Backlog) Wikimedia-production-error (Older) MediaWiki-extensions-CentralAuth (Incoming)
T189362	T189362: ipblock-exempt does not allow account creation when blocked	open	Medium (orange)	SQL		Patch-For-Review MediaWiki-Blocks (Backlog) MediaWiki-Authentication-and-authorization (Backlog) MediaWiki-User-login-and-signup (Backlog) Platform Team Workboards (Clinic Duty Team) (Later)
T189641	T189641: Service for checking the Pwned Passwords database	open	Low (yellow)	Tgr (Gergő Tisza)		Platform Team Legacy (Watching / External) MediaWiki-Authentication-and-authorization (Backlog) Services (watching) MediaWiki-User-login-and-signup (Backlog) SecTeam-Processed (Completed) Security WMF-Legal (Backlog) User-Tgr (Next)
T199393	T199393: Reproducible deadlock in User::addToDatabase() when api.php?action=createaccount is called simultaneously by several users	open	Medium (orange)	edwardspec (Edward Chernenko)		Wikimedia-database-error (Query) MW-1.36-notes (1.36.0-wmf.26; 2021-01-12) Platform Team Workboards (External Code Reviews) (External Code Review Needed) Patch-For-Review MediaWiki-Authentication-and-authorization (Backlog) Performance-Team (Radar) (Perf recommendation) MW-1.38-notes (1.38.0-wmf.18; 2022-01-17)
T204787	T204787: Session Warning: "User ID mismatch, {uid_a} !== {uid_b}"	open	Medium (orange)	Krinkle (Timo Tijhof)		Wikimedia-production-error (Older) MediaWiki-Authentication-and-authorization (Backlog) Platform Team Workboards (Clinic Duty Team) (Later)
T214215	T214215: MinimumPasswordLengthToLogin error message is unhelpful	open	High (red)	dmaza (Dayllan Maza)		Platform Team Workboards (Clinic Duty Team) (External Code Review Completed) MediaWiki-Authentication-and-authorization (Backlog) Patch-For-Review
T223898	T223898: Remove the requirement to enter a password during the login flow	open	Needs Triage (violet)	Florian (Florianschmidtwelzow)		Platform Engineering (Icebox) MediaWiki-Authentication-and-authorization (Backlog) PasswordlessLogin (Backlog)
T246471	T246471: Login authevents should include the username	open	Needs Triage (violet)	Reedy (Sam Reed)		MediaWiki-API (Needs details or plan) MediaWiki-Authentication-and-authorization (Backlog) MediaWiki-Special-pages (To triage)
T246943	T246943: Login failed/disappeared during 2FA	open	Medium (orange)	Krinkle (Timo Tijhof)	daniel (Daniel Kinzler)	MediaWiki-Authentication-and-authorization (Backlog) Platform Team Workboards (Clinic Duty Team) (Later) MediaWiki-extensions-OATHAuth (Backlog) MediaWiki-extensions-CentralAuth (Incoming)
T248339	T248339: Decide how to deal with WebAuthn login/registration flow on Wikimedia wikis in future	open	Needs Triage (violet)	Reedy (Sam Reed)		SecTeam Discussion MediaWiki-Authentication-and-authorization (Backlog) MediaWiki-extensions-OATHAuth (Backlog) Platform Engineering (Tracking/Watching) Security-Team (Watching)	T248367: Update messages to notify WebAuthn users that they need to login on the same wiki they registered	T244088: Logging in at another wiki than WebAuth was set up fails
T255369	T255369: apihelp-clientlogin-example-login2 is misleading in MW core	open	Lowest (sky)	Reedy (Sam Reed)		MediaWiki-API (Unsorted) Voice & Tone (Backlog) MediaWiki-Authentication-and-authorization (Backlog) Platform Engineering (Volunteer Needed Tasks)
T255370	T255370: Document best practices for user login if user is using 2FA	open	Low (yellow)	Reedy (Sam Reed)		Platform Team Initiatives (API Gateway) Documentation (Backlog) MediaWiki-Documentation Security MediaWiki-Authentication-and-authorization (Backlog) MediaWiki-extensions-OATHAuth (Backlog)
T256956	T256956: Clean up getCacheVaryCookies()/haveCacheVaryCookies()	open	Medium (orange)	tstarling (Tim Starling)		Performance-Team (Radar) (Watching) Platform Engineering Roadmap Decision Making (Icebox) MediaWiki-Authentication-and-authorization (Backlog)
T262958	T262958: PasswordError when attempting to create a new user with createAndPromote.php	open	Low (yellow)	Mholloway (Michael Holloway)		MediaWiki-Authentication-and-authorization (Backlog) Platform Team Workboards (Clinic Duty Team) (Later)
T264794	T264794: SessionManager should not emit Set-Cookies on session renewal	open	Needs Triage (violet)	Tgr (Gergő Tisza)		Platform Team Workboards (External Code Reviews) (External Code Review In Progress) MediaWiki-Authentication-and-authorization (Backlog) Patch-For-Review
T265400	T265400: Research to create service for SessionManager::singleton()/getGlobalSession()	open	Needs Triage (violet)	Umherirrender (Umherirrender)		Dependency injection MediaWiki-Authentication-and-authorization (Backlog)		T259960: Inject services into API modules and special pages
T265769	T265769: Research to create service for BotPassword class	open	Needs Triage (violet)	Umherirrender (Umherirrender)	DannyS712	MW-1.36-notes (1.36.0-wmf.16; 2020-11-03) MW-1.37-notes (1.37.0-wmf.16; 2021-07-26) Patch-For-Review MediaWiki-Authentication-and-authorization (Backlog) Dependency injection User-DannyS712 (Awaiting review and deployment)	T265767: Research to create service for CentralIdLookup::factory	T259960: Inject services into API modules and special pages
T270225	T270225: Finish session storage to actually meet multi-DC requirements	open	High (red)	Krinkle (Timo Tijhof)		MediaWiki-Authentication-and-authorization (Backlog) Platform Engineering Roadmap (Later (future inbox)) MW-1.37-notes (1.37.0-wmf.3; 2021-04-27)	T222990: Audit session storage to determine max age of un-GC'd sessions	T270223: FY2021-2022: Enable basic Multi-DC operations for read traffic (tracking)
T284020	T284020: Support bot passwords in the REST API	open	Needs Triage (violet)	Lucas_Werkmeister_WMDE (Lucas Werkmeister (WMDE))		Patch-For-Review Platform Team Workboards (External Code Reviews) (External Code Review Needed) MediaWiki-REST-API (Backlog) MediaWiki-Authentication-and-authorization (Backlog)
T292375	T292375: Figure out how to force-logout users cross-wiki	open	Needs Triage (violet)	Zabe		MediaWiki-Authentication-and-authorization (Backlog) Platform Team Workboards (MW Expedition) (Unsorted pile) MediaWiki-Blocks (Backlog)		T291994: Properly support cross-wiki blocking
T37220	T37220: Allow per-session log out	open	Low (yellow)	liangent (Liangent)		MediaWiki-extensions-CentralAuth (Incoming) MediaWiki-User-login-and-signup (Backlog) MediaWiki-Authentication-and-authorization (Backlog)		T58212: Add a feature to track and terminate specific login sessions
T58212	T58212: Add a feature to track and terminate specific login sessions	open	Needs Triage (violet)	Jidanni (Dan Jacobson 積丹尼)		Platform Engineering (Feature Requests to Review) MediaWiki-Authentication-and-authorization (Backlog) MediaWiki-User-login-and-signup (Backlog)	T37220: Allow per-session log out
T88811	T88811: Develop use-cases & user stories for authnz service	open	Medium (orange)	bd808 (Bryan Davis)		Services (later) MediaWiki-Authentication-and-authorization (Backlog) Platform Team Legacy (Later)		T120484: Create password-authentication service for use by CentralAuth