API:Checktoken
From mediawiki.org
This page is part of the MediaWiki Action API documentation.
| MediaWiki Action API |
|---|
| Basics |
| Authentication |
| Accounts and Users |
| Page Operations |
|
| Search |
| Developer Utilities |
| Tutorials |
| v · d · e |
GET request to check the validity of a token from the tokens module. It will only work if the request comes from the owner of the token, it can not be used by third parties to check the token's validity, for that you would have to use extensions such as Extension:Third party session verification .
MediaWiki version:
≥ 1.25
API documentation
[edit ] The following documentation is the output of Special:
action=checktoken
(main | checktoken)
- This module requires read rights.
- Source: MediaWiki
- License: GPL-2.0-or-later
Check the validity of a token from action=query&meta=tokens .
Specific parameters:
Other general parameters are available.
- type
Type of token being tested.
- This parameter is required.
- One of the following values: createaccount, csrf, deleteglobalaccount, login, patrol, rollback, setglobalaccountstatus, userrights, watch
- token
Token to test.
- This parameter is required.
- maxtokenage
Maximum allowed age of the token, in seconds.
- Type: integer
Example:
- Test the validity of a csrf token.
- api.php?action=checktoken&type=csrf&token=123ABC [open in sandbox]
Example
[edit ]GET request
[edit ]Check a CSRF token.
Response
[edit ]{ "checktoken":{ "result":"invalid" } }
Sample code
[edit ]Python
[edit ]#!/usr/bin/python3 """ check_token.py MediaWiki API Demos Demo of `Checktoken` module: Check a CSRF token. MIT License """ importrequests S = requests.Session() URL = "https://en.wikipedia.org/w/api.php" PARAMS = { "action": "checktoken", "token": "123ABC", "type": "csrf", "format": "json" } R = S.get(url=URL, params=PARAMS) DATA = R.json() print(DATA)
PHP
[edit ]<?php /* check_token.php MediaWiki API Demos Demo of `Checktoken` module: Check a CSRF token. MIT License */ $endPoint = "https://en.wikipedia.org/w/api.php"; $params = [ "action" => "checktoken", "token" => "123ABC", "type" => "csrf", "format" => "json" ]; $url = $endPoint . "?" . http_build_query( $params ); $ch = curl_init( $url ); curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true ); $output = curl_exec( $ch ); curl_close( $ch ); echo( $output );
JavaScript
[edit ]/* check_token.js MediaWiki API Demos Demo of `Checktoken` module: Check a CSRF token. MIT License */ varurl="https://en.wikipedia.org/w/api.php"; varparams={ action:"checktoken", token:"123ABC", type:"csrf", format:"json" }; url=url+"?origin=*"; Object.keys(params).forEach(function(key){url+="&"+key+"="+params[key];}); fetch(url) .then(function(response){returnresponse.json();}) .then(function(response){console.log(response);}) .catch(function(error){console.log(error);});
MediaWiki JS
[edit ]/* check_token.js MediaWiki API Demos Demo of `Checktoken` module: Check a CSRF token. MIT License */ varparams={ action:'checktoken', token:'123ABC', type:'csrf', format:'json' }, api=newmw.Api(); api.get(params).done(function(data){ console.log(data); });
Possible errors
[edit ]| Code | Info |
|---|---|
| notoken | The token parameter must be set. |
| notype | The type parameter must be set. |
| unknown_type | Unrecognized value for parameter type: ###. |