Add CSRF support (MediaWiki bug 23076)

[mw] / src / mw / clicommands.py

diff --git a/src/mw/clicommands.py b/src/mw/clicommands.py
index 9d8b2dc1e08bef229af2ddfb9a872fe6faff61ee..a42bcfbab0107492d5f2c0b6acfac9d910228dc1 100644 (file)
--- a/src/mw/clicommands.py
+++ b/src/mw/clicommands.py
@@ -57,6 +57,16 @@ class CommandBase(object):
         if result['login']['result'] == 'Success':
             # cookies are saved to a file
             print 'Login successful! (yay)'
+        elif result['login']['result'] == 'NeedToken':
+            print'Login with token'
+            result = self.api.call({'action': 'login',
+                               'lgname': user,
+                               'lgpassword': passwd,
+                               'lgtoken': result['login']['token']})
+            if result['login']['result'] == 'Success':
+                print 'Login successful! (yay)'
+    else:
+        print 'Login failed: %s' % result['login']['result']
         else:
             print 'Login failed: %s' % result['login']['result']
 
@@ -180,6 +190,10 @@ class CommitCommand(CommandBase):
         self.parser.add_option('-m', '--message', dest='edit_summary',
                                help='don\'t prompt for edit summary and '
                                'use this instead')
+        self.parser.add_option('--bot', dest='bot', action='store_true',
+                               help='mark actions as a bot (won\'t affect '
+                               'anything if you don\'t have the bot right',
+                               default=False)
 
     def _do_command(self):
         self._die_if_no_init()
@@ -231,6 +245,8 @@ class CommitCommand(CommandBase):
                         'md5': textmd5,
                         'summary': edit_summary,
                 }
+                if self.options.bot:
+                    data['bot'] = 'bot'
                 response = self.api.call(data)
                 if response['edit']['result'] == 'Success':
                     data = {