Using external API for MediaWiki authorization

Question

So I have the website that provides the API for logging in/registering/etc. And I have the MediaWiki set up at my server.

I need to disallow MediaWiki registration and only allow logging people in through our API. So, when the user tries to login, no request to MediaWiki db for the user should be done, instead the request to our API should be done, logging person in if our API returned the correct data and displaying an error if it didn't.

Is there a way to get it done with MediaWiki?
Thanks in advance.

Answer 1

You can have a look at Extension:Auth remoteuser, it could fit at least partly you needs.

Answer 2

Your question is very broad and involves some development but also a lot of configuration as well. So, let's start:

First of all, you need to somehow integrate with the API you mentioned, which is possible by developing your own primary authentication provider. See the high level documentation. In this, you will have all the necessary entry points a user might hit when logging in or registering a new account and you can "translate" them to the actual actions which you need to do in your API (which you do not mention what it is or provides, so we can not give you better guidance here).

The second step would then be to configure this new authentication provider as the only one using $wgAuthManagerConfig which will in fact disable all other ways of creating other accounts as well as logging in with other accounts then the ones provided from your API.

If you've more questions, I would suggest that you provide more information and specific points where you're stuck :)