MDL-67264 core_course: Activity chooser new feature
[moodle.git] / auth / upgrade.txt
CommitLineData
e922fe23
PS
1This files describes API changes in /auth/* - plugins,
2information provided here is intended especially for developers.
3
089e9180
SA
4=== 3.9 ===
5
6* The following functions, previously used (exclusively) by upgrade steps are not available anymore because of the upgrade cleanup performed for this version. See MDL-65809 for more info:
7 - upgrade_fix_config_auth_plugin_names()
8 - upgrade_fix_config_auth_plugin_defaults()
9
206ec328
SR
10=== 3.7 ===
11
12* get_password_change_info() method is added to the base class and returns an array containing the subject and body of the message
13 to the user that contains instructions on how to change their password. Authentication plugins can override this method if needed.
14
6dfe4283
DW
15=== 3.6 ===
16
17* Login forms generated from Moodle must include a login token to protect automated logins. See \core\session\manager::get_login_token().
18
55595bcf
MN
19=== 3.5 ===
20
21* The auth_db and auth_ldap plugins' implementations of update_user_record() have been removed and both now
22 call the new implementation added in the base class.
1727c939
MG
23* Self registration plugins should use core_privacy\local\sitepolicy\manager instead of directly checking
24 $CFG->sitepolicy , especially in custom signup forms. See https://docs.moodle.org/dev/Site_policy_handler
55595bcf 25
037273d8
SB
26=== 3.3 ===
27
2b948c20
DM
28* Authentication plugins have been migrated to use the admin settings API. Plugins should use a settings.php file to
29 manage configurations rather than using the old config.html files. See how the helper function
30 upgrade_fix_config_auth_plugin_names() can be used to convert the legacy settings to the new ones. Another helper
31 function upgrade_fix_config_auth_plugin_defaults() can be used to populate the settings with default values so that
32 they are not falsely reported as newly added ones.
037273d8
SB
33* The function 'print_auth_lock_options' has been replaced by 'display_auth_lock_options' which uses the admin settings API.
34 See auth_manual as an exmple of how it can be used. More information can be found in MDL-12689.
1cb5c7b3
DM
35* The list of supported identity providers (SSO IdP) returned by the 'loginpage_idp_list' method (used to render the
36 login page and login block links) now supports a new key 'iconurl' which should be used instead of the legacy 'icon'.
037273d8 37
cffd0fa1
J
38=== 3.2 ===
39
40* New auth hook - pre_user_login_hook() - available, triggered right after the user object is created.
41 This can be used to modify the user object before any authentication errors are raised.
876fc282 42* The block_login now displays the loginpage_idp_list() links as well as main login page.
4d27d62d 43* The authentication plugin auth_radius has been moved to https://github.com/moodlehq/moodle-auth_radius
d6a25bc4
JL
44* New auth_email::user_signup_with_confirmation() method has a new optional parameter $confirmationurl to provide a different
45 confirmation URL.
813320fb 46* New signup_is_enabled() function available in lib/authlib.php to safely check if sign-up is enabled in the site.
cffd0fa1 47
0f7f3002
MG
48=== 3.0 ===
49
50* login_signup_form::signup_captcha_enabled() now calls is_captcha_enabled() from the current auth plugin instead of from auth_email
51
f720c2c0
PS
52=== 2.9 ===
53
54* Do not update user->firstaccess from any auth plugin, the complete_user_login() does it automatically.
55
1d658535
PS
56* Add user_add_password_history() to user_signup() method.
57
31f5ee4a
EL
58* New auth hook - pre_loginpage_hook() - available, triggered before redirecting to the login page.
59
c6b5f18d
PS
60=== 2.8 ===
61
62* \core\session\manager::session_exists() now verifies the session is active
63 instead of only checking the session data is present in low level session handler
64
1899519c
AG
65* MNet is no longer sending logs between the client and parent sites. auth_plugin_mnet::refresh_log() is now deprecated. There is
66 no alternative. Please don't use this function.
67
963cdce4
AA
68=== 2.7 ===
69
70* If you are returning a url in method change_password_url() from config, please make sure it is set before trying to use it.
71
b573724a
MN
72=== 2.6 ===
73
74* can_be_manually_set() - This function was introduced in the base class and returns false by default. If overriden by
75 an authentication plugin to return true, the authentication plugin will be able to be manually set for users. For example,
76 when bulk uploading users you will be able to select it as the authentication method they use.
ee362526 77
a2dd56d2
PS
78=== 2.4 ===
79
80required changes in code:
81* use role_get_name() or role_fix_names() if you need any role names, using role.name
82 directly from database is not correct any more
83
57d38adc
MA
84optional - no changes needed:
85* add support for custom user signup form - see auth_plugin_base::signup_form() function
a2dd56d2 86
e922fe23
PS
87=== 2.2 ===
88
89required changes in code:
90* the correct sequence to set up global $USER is:
91 $user = get_complete_user_data('username', $username); // or $user = authenticate_user_login()
92 enrol_check_plugins($user);
93 session_set_user($user);