Cannot create a page on mediawiki

Question

When i submit a new page , i always get this error:

Sorry! We could not process your edit due to a loss of session data.

You might have been logged out. Please verify that you're still logged in and try again. If it still does not work, try logging out and logging back in, and check that your browser allows cookies from this site.

I am logged in to my mediawiki through AuthWP session provider , so i am logged in as a Wordpress user. I've installed mediawiki in a /wiki subfolder of my WP installation , and i have also AccessControl extension.

My username is always shown on the top right , even if i navigate mediawiki right after i get that error. So it seems that my session is still active.

Can you help me troubleshoot this please ? Let me know if i have to add some var_dumps in the code for you to check , or provide debug log file.

Here is my LocalSettings.php

# This file was automatically generated by the MediaWiki 1.41.1
# installer. If you make manual changes, please keep track in case you
# need to recreate them later.
#
# See includes/MainConfigSchema.php for all configurable settings
# and their default values, but don't forget to make changes in _this_
# file, not there.
#
# Further documentation for configuration settings may be found at:
# https://www.mediawiki.org/wiki/Manual:Configuration_settings

# Protect against web entry
if ( !defined( 'MEDIAWIKI' ) ) {
    exit;
}


## Uncomment this to disable output compression
# $wgDisableOutputCompression = true;

$wgSitename = "GR Wiki";
$wgMetaNamespace = "GR_Wiki";

## The URL base path to the directory containing the wiki;
## defaults for all runtime URL paths are based off of this.
## For more information on customizing the URLs
## (like /w/index.php/Page_title to /wiki/Page_title) please see:
## https://www.mediawiki.org/wiki/Manual:Short_URL
$wgScriptPath = "/wiki";
$wgArticlePath = "/wiki/$1";
$wgUsePathInfo = true; 
$wgScriptExtension = ".php";

$wgShowExceptionDetails = true;
$wgShowSQLErrors = true;
$wgDebugDumpSql  = true;
$wgDebugLogFile = __DIR__ . "/debug_log";
// Define a log group
$wgDebugLogGroups = [
    'exception' => [
        'class' => 'FileLog',
        'logfile' => __DIR__ . '/debug_log',  // Ensure this matches $wgDebugLogFile
        'format' => '{date} {time} {level} {message}',
        'dateFormat' => 'Y-m-d',
        'timeFormat' => 'H:i:s',
    ],
    'runJobs' => [
        'class' => 'FileLog',
        'logfile' => __DIR__ . '/debug_log',  // Ensure this matches $wgDebugLogFile
        'format' => '{date} {time} {level} {message}',
        'dateFormat' => 'Y-m-d',
        'timeFormat' => 'H:i:s',
    ],
    'resourceloader' => [
        'class' => 'FileLog',
        'logfile' => __DIR__ . '/debug_log',  // Ensure this matches $wgDebugLogFile
        'format' => '{date} {time} {level} {message}',
        'dateFormat' => 'Y-m-d',
        'timeFormat' => 'H:i:s',
    ],
    'authentication' => [
        'class' => 'FileLog',
        'logfile' => __DIR__ . '/debug_log',  // Ensure this matches $wgDebugLogFile
        'format' => '{date} {time} {level} {message}',
        'dateFormat' => 'Y-m-d',
        'timeFormat' => 'H:i:s',
    ],
    'error' => [
        'class' => 'FileLog',
        'logfile' => __DIR__ . '/debug_log',  // Ensure this matches $wgDebugLogFile
        'format' => '{date} {time} {level} {message}',
        'dateFormat' => 'Y-m-d',
        'timeFormat' => 'H:i:s',
    ],
];


## The protocol and server name to use in fully-qualified URLs
$domain = "<stripped>";
$wgServer = "https://$domain";

## The URL path to static resources (images, scripts, etc.)
$wgResourceBasePath = $wgScriptPath;

## The URL paths to the logo.  Make sure you change this from the default,
## or else you'll overwrite your logo when you upgrade!
$wgLogos = [
    '1x' => "<stripped>",
    'icon' => "<stripped>",
];

## UPO means: this is also a user preference option

$wgEnableEmail = true;
$wgEnableUserEmail = true; # UPO

$wgEmergencyContact = "<stripped>";
$wgPasswordSender = "<stripped>";

$wgEnotifUserTalk = false; # UPO
$wgEnotifWatchlist = false; # UPO
$wgEmailAuthentication = true;

## mediawiki Database settings
$wgDBtype = "mysql";
$wgDBserver = "localhost";
$wgDBname = "<stripped>";
$wgDBuser = "<stripped>";
$wgDBpassword = "<stripped>";

# MySQL specific settings
$wgDBprefix = "mw_";
$wgDBssl = false;

# MySQL table options to use during installation or update
$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary";

# Shared database table
# This has no effect unless $wgSharedDB is also set.
$wgSharedTables[] = "actor";

## Shared memory settings
$wgMainCacheType = CACHE_NONE;
$wgMemCachedServers = [];

## To enable image uploads, make sure the 'images' directory
## is writable, then set this to true:
$wgEnableUploads = true;
#$wgUseImageMagick = true;
#$wgImageMagickConvertCommand = "/usr/bin/convert";

# InstantCommons allows wiki to use images from https://commons.wikimedia.org
$wgUseInstantCommons = false;

# Periodically send a pingback to https://www.mediawiki.org/ with basic data
# about this MediaWiki instance. The Wikimedia Foundation shares this data
# with MediaWiki developers to help guide future development efforts.
$wgPingback = true;

# Site language code, should be one of the list in ./includes/languages/data/Names.php
$wgLanguageCode = "en";

# Time zone
$wgLocaltimezone = "Asia/Jerusalem";

## Set $wgCacheDirectory to a writable directory on the web server
## to make your wiki go slightly faster. The directory should not
## be publicly accessible from the web.
#$wgCacheDirectory = "$IP/cache";

$wgSecretKey = "<stripped>";

# Changing this will log out all existing sessions.
$wgAuthenticationTokenVersion = "1";

# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
$wgUpgradeKey = "<stripped>";

## For attaching licensing metadata to pages, and displaying an
## appropriate copyright notice / icon. GNU Free Documentation
## License and Creative Commons licenses are supported so far.
$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
$wgRightsUrl = "";
$wgRightsText = "";
$wgRightsIcon = "";

# Path to the GNU diff3 utility. Used for conflict resolution.
$wgDiff3 = "/usr/bin/diff3";

## Default skin: you can change the default skin. Use the internal symbolic
## names, e.g. 'vector' or 'monobook':
$wgDefaultSkin = 'monobook';

# Enabled skins.
# The following skins were automatically enabled:
wfLoadSkin( 'MinervaNeue' );
wfLoadSkin( 'MonoBook' );
wfLoadSkin( 'Timeless' );


#wfLoadExtension ( 'VisualEditor' );
# End of automatically generated settings.
# Add more configuration options below.

$wgTmpDirectory = "<stripped>";

$wgGroupPermissions['*']['read']            = true;
$wgGroupPermissions['*']['createaccount']   = false;
$wgGroupPermissions['*']['edit']            = false;
$wgGroupPermissions['*']['writeapi']        = false;
$wgGroupPermissions['*']['createpage']      = false;
$wgGroupPermissions['*']['createtalk']      = false;
# Grant permissions to logged-in users
$wgGroupPermissions['user']['read'] = true;
$wgGroupPermissions['user']['edit'] = true;
$wgGroupPermissions['user']['createpage'] = true;
$wgGroupPermissions['user']['createtalk'] = true;
$wgGroupPermissions['user']['writeapi'] = true;

# Grant additional permissions if needed
$wgGroupPermissions['user']['upload'] = true;
$wgGroupPermissions['user']['move'] = true;
$wgGroupPermissions['user']['delete'] = true;

wfLoadExtension( 'AccessControl' );


$wgCookieDomain = ".$domain"; // Leave empty for root domain
$wgCookiePath = '/wiki';
$wgSessionCacheType = CACHE_DB;
$wgSessionHandler = 'db';
$wgUseCookieDomainForLogin = true;

wfLoadExtension( 'AuthWP' );

require_once( __DIR__ . '/../wp-config.php' );
$wgAuthWPSettings = [
    'wordpress_db_host' => DB_HOST,    // The host of the WordPress database
    'wordpress_db_name' => DB_NAME, // The name of the WordPress database
    'wordpress_db_user' => DB_USER,      // The username for the WordPress database
    'wordpress_db_password' => DB_PASSWORD,  // The password for the WordPress database
    'wordpress_table_prefix' => 'wp_',     // The table prefix used in the WordPress database
    'wordpress_authentication' => true,    // Enable authentication against the WordPress database
    'wordpress_registration' => false,     // Disable registration from MediaWiki (handled by WordPress)
    'wordpress_auto_create' => true
];   

I have also dumped my Wordpress user from which the mediawiki session has been created by AuthWP, in case it is relevant. Here is where i put the dump instruction:

And here is the dump:

WP_User Object
(
    [data] => stdClass Object
        (...

...),
...,
[caps] => Array
        (
            [webdev_admin] => 1
            [translator] => 1
        )

    [cap_key] => wp_capabilities
    [roles] => Array
        (
            [0] => webdev_admin
            [1] => translator
        )

    [allcaps] => Array
        (
            [edit_posts] => 1
            [edit_others_posts] => 1
            [edit_published_posts] => 1
            [edit_private_posts] => 1
            [edit_pages] => 1
            [edit_others_pages] => 1
            [publish_pages] => 1
            [edit_published_pages] => 1
            [edit_private_pages] => 1
            [upload_files] => 1
            [activate_plugins] => 1
            [edit_files] => 1
            [edit_plugins] => 1
            [install_plugins] => 1
            [manage_options] => 1
            [read] => 1
            [unfiltered_html] => 1
            [loco_admin] => 1
            [level_0] => 1
            [manage_pys] => 1
            [delete_themes] => 1
            [edit_theme_options] => 1
            [edit_themes] => 1
            [install_themes] => 1
            [switch_themes] => 1
            [update_themes] => 1
            [webdev_admin] => 1
            [translator] => 1
        )

    [filter] =>
    [site_id:WP_User:private] => 1

Also i've dumped the UserInfo:

MediaWiki\Session\UserInfo Object
(
    [verified:MediaWiki\Session\UserInfo:private] => 1
    [user:MediaWiki\Session\UserInfo:private] => MediaWiki\User\User Object
        (
            [mId] => 4
            [mName] => <stripped>
            [mActorId] => 4
            [mRealName] => <stripped>
            [mEmail] => <stripped>
            [mTouched] => 20240516152718
            [mQuickTouched:protected] =>
            [mToken:protected] => <stripped>
            [mEmailAuthenticated] =>
            [mEmailToken:protected] =>
            [mEmailTokenExpires:protected] =>
            [mRegistration:protected] => 20240516152716
            [mLoadedItems:protected] => 1
            [mFrom] => id
            [mDatePreference:protected] =>
            [mBlockedby:MediaWiki\User\User:private] => -1
            [mHash:protected] =>
            [mBlockreason:protected] =>
            [mGlobalBlock:protected] =>
            [mLocked:protected] =>
            [mHideName:MediaWiki\User\User:private] =>
            [mRequest:MediaWiki\User\User:private] =>
            [mBlock:MediaWiki\User\User:private] =>
            [mBlockedFromCreateAccount:MediaWiki\User\User:private] =>
            [queryFlagsUsed:protected] => 1
            [mThisAsAuthority:MediaWiki\User\User:private] =>
            [isTemp:MediaWiki\User\User:private] =>
        )

)
 , forceUse=1, persisted=, id: <stripped>

Answer 1

This is a session loss, so there are three options:

• The session store (configured via $wgSessionCacheType) can't actually store data. (Sometimes this happens when MediaWiki tries to use WinCache as the session store.)
• The browser cannot retain cookies for some reason. You can verify this in the browser's developer toolbar. (Although it looks like your session provider shouldn't depend on cookies at all.)
• A bug in the session provider class (looks fine at a glance, it is very simple).

I'd guess it's the first. Try changing $wgSessionCacheType (CACHE_DB is not very performant but very robust, so good for debugging).

If that doesn't work, here are some debugging commands you can try (via maintenance/shell.php):

$services = \MediaWiki\MediaWikiServices::getInstance()

$WP_relpath = services->getConfigFactory()
            ->makeConfig( 'AuthWP' )
            ->get( 'AuthWPPath' );
require_once $WP_relpath . DIRECTORY_SEPARATOR . 'wp-load.php';
$wp_user = wp_get_current_user();
$wp_user_login = $services->getUserNameUtils()->getCanonical(
            $wp_user->user_login, UserRigorOptions::RIGOR_USABLE );

sudo $provider = \MediaWiki\Session\SessionManager::singleton()->getProvider( AuthWPSessionProvider::class );
sudo $sessionId = $provider->hashToSessionId( $wp_user_login );

global $wgSessionCacheType;
ObjectCache::getInstance( $wgSessionCacheType )->get( "MWSession:$sessionId" );

which should return the session data. It probably won't but at least you can check whether the problem is on the Wordpress side or the session store side.