*/
public static function setLoginToken() {
global $wgRequest;
- // Use User::generateToken() instead of $user->editToken()
+ // Generate a token directly instead of using $user->editToken()
// because the latter reuses $_SESSION['wsEditToken']
- $wgRequest->setSessionData( 'wsLoginToken', User::generateToken() );
+ $wgRequest->setSessionData( 'wsLoginToken', MWCryptRand::generateHex( 32 ) );
}
/**
*/
public static function setCreateaccountToken() {
global $wgRequest;
- $wgRequest->setSessionData( 'wsCreateaccountToken', User::generateToken() );
+ $wgRequest->setSessionData( 'wsCreateaccountToken', MWCryptRand::generateHex( 32 ) );
}
/**