| 1 |
efrain |
1 |
This files describes API changes in /auth/* - plugins,
|
|
|
2 |
information provided here is intended especially for developers.
|
|
|
3 |
|
|
|
4 |
=== 4.4 ===
|
|
|
5 |
|
|
|
6 |
* A sesskey is no longer passed to the auth/test_settings.php page so it can no longer be required in test_settings().
|
|
|
7 |
* Auth plugins can now attempt to identify users running CLI scripts using a new method find_cli_user()
|
|
|
8 |
|
|
|
9 |
=== 4.2 ===
|
|
|
10 |
* Support for configuration with the deprecated auth_config.php file has been removed.
|
|
|
11 |
* The moodle-auth-passwordunmask YUI module has been removed. Any uses should be replaced with core_form/passwordunmask.
|
|
|
12 |
|
|
|
13 |
=== 3.9 ===
|
|
|
14 |
|
|
|
15 |
* The following functions, previously used (exclusively) by upgrade steps are not available anymore because of the upgrade cleanup performed for this version. See MDL-65809 for more info:
|
|
|
16 |
- upgrade_fix_config_auth_plugin_names()
|
|
|
17 |
- upgrade_fix_config_auth_plugin_defaults()
|
|
|
18 |
|
|
|
19 |
=== 3.7 ===
|
|
|
20 |
|
|
|
21 |
* get_password_change_info() method is added to the base class and returns an array containing the subject and body of the message
|
|
|
22 |
to the user that contains instructions on how to change their password. Authentication plugins can override this method if needed.
|
|
|
23 |
|
|
|
24 |
=== 3.6 ===
|
|
|
25 |
|
|
|
26 |
* Login forms generated from Moodle must include a login token to protect automated logins. See \core\session\manager::get_login_token().
|
|
|
27 |
|
|
|
28 |
=== 3.5 ===
|
|
|
29 |
|
|
|
30 |
* The auth_db and auth_ldap plugins' implementations of update_user_record() have been removed and both now
|
|
|
31 |
call the new implementation added in the base class.
|
|
|
32 |
* Self registration plugins should use core_privacy\local\sitepolicy\manager instead of directly checking
|
|
|
33 |
$CFG->sitepolicy , especially in custom signup forms.
|
|
|
34 |
|
|
|
35 |
=== 3.3 ===
|
|
|
36 |
|
|
|
37 |
* Authentication plugins have been migrated to use the admin settings API. Plugins should use a settings.php file to
|
|
|
38 |
manage configurations rather than using the old config.html files. See how the helper function
|
|
|
39 |
upgrade_fix_config_auth_plugin_names() can be used to convert the legacy settings to the new ones. Another helper
|
|
|
40 |
function upgrade_fix_config_auth_plugin_defaults() can be used to populate the settings with default values so that
|
|
|
41 |
they are not falsely reported as newly added ones.
|
|
|
42 |
* The function 'print_auth_lock_options' has been replaced by 'display_auth_lock_options' which uses the admin settings API.
|
|
|
43 |
See auth_manual as an exmple of how it can be used. More information can be found in MDL-12689.
|
|
|
44 |
* The list of supported identity providers (SSO IdP) returned by the 'loginpage_idp_list' method (used to render the
|
|
|
45 |
login page and login block links) now supports a new key 'iconurl' which should be used instead of the legacy 'icon'.
|
|
|
46 |
|
|
|
47 |
=== 3.2 ===
|
|
|
48 |
|
|
|
49 |
* New auth hook - pre_user_login_hook() - available, triggered right after the user object is created.
|
|
|
50 |
This can be used to modify the user object before any authentication errors are raised.
|
|
|
51 |
* The block_login now displays the loginpage_idp_list() links as well as main login page.
|
|
|
52 |
* The authentication plugin auth_radius has been moved to https://github.com/moodlehq/moodle-auth_radius
|
|
|
53 |
* New auth_email::user_signup_with_confirmation() method has a new optional parameter $confirmationurl to provide a different
|
|
|
54 |
confirmation URL.
|
|
|
55 |
* New signup_is_enabled() function available in lib/authlib.php to safely check if sign-up is enabled in the site.
|
|
|
56 |
|
|
|
57 |
=== 3.0 ===
|
|
|
58 |
|
|
|
59 |
* login_signup_form::signup_captcha_enabled() now calls is_captcha_enabled() from the current auth plugin instead of from auth_email
|
|
|
60 |
|
|
|
61 |
=== 2.9 ===
|
|
|
62 |
|
|
|
63 |
* Do not update user->firstaccess from any auth plugin, the complete_user_login() does it automatically.
|
|
|
64 |
|
|
|
65 |
* Add user_add_password_history() to user_signup() method.
|
|
|
66 |
|
|
|
67 |
* New auth hook - pre_loginpage_hook() - available, triggered before redirecting to the login page.
|
|
|
68 |
|
|
|
69 |
=== 2.8 ===
|
|
|
70 |
|
|
|
71 |
* \core\session\manager::session_exists() now verifies the session is active
|
|
|
72 |
instead of only checking the session data is present in low level session handler
|
|
|
73 |
|
|
|
74 |
* MNet is no longer sending logs between the client and parent sites. auth_plugin_mnet::refresh_log() is now deprecated. There is
|
|
|
75 |
no alternative. Please don't use this function.
|
|
|
76 |
|
|
|
77 |
=== 2.7 ===
|
|
|
78 |
|
|
|
79 |
* If you are returning a url in method change_password_url() from config, please make sure it is set before trying to use it.
|
|
|
80 |
|
|
|
81 |
=== 2.6 ===
|
|
|
82 |
|
|
|
83 |
* can_be_manually_set() - This function was introduced in the base class and returns false by default. If overriden by
|
|
|
84 |
an authentication plugin to return true, the authentication plugin will be able to be manually set for users. For example,
|
|
|
85 |
when bulk uploading users you will be able to select it as the authentication method they use.
|
|
|
86 |
|
|
|
87 |
=== 2.4 ===
|
|
|
88 |
|
|
|
89 |
required changes in code:
|
|
|
90 |
* use role_get_name() or role_fix_names() if you need any role names, using role.name
|
|
|
91 |
directly from database is not correct any more
|
|
|
92 |
|
|
|
93 |
optional - no changes needed:
|
|
|
94 |
* add support for custom user signup form - see auth_plugin_base::signup_form() function
|
|
|
95 |
|
|
|
96 |
=== 2.2 ===
|
|
|
97 |
|
|
|
98 |
required changes in code:
|
|
|
99 |
* the correct sequence to set up global $USER is:
|
|
|
100 |
$user = get_complete_user_data('username', $username); // or $user = authenticate_user_login()
|
|
|
101 |
enrol_check_plugins($user);
|
|
|
102 |
session_set_user($user);
|