Breaking: #92801 - Removed "Failed Login" functionality from User Authentication object¶
The functionality to send an email to a defined sender was previously hard-coded
into the API class
AbstractUserAuthentication and activated specifically for
Backend Users via the option
With some custom implementation it was also possible to use a hook to enable this for frontend users, but the API was not clean.
The backend-user specific logic is now extracted into a hook, so it is possible to replace this functionality with a custom notification API.
For this reason, the following public properties and methods within
AbstractUserAuthentication and its subclasses have been removed:
Using one of the public properties in custom PHP will trigger a PHP Warning.
Calling the public PHP method will result in a fatal PHP error.
TYPO3 installations with third-party extensions and custom PHP code that is related to failed login notifications, and rely on the existing login notification code.
As the properties were public, they made it possible to override the warningMax / warningPeriod values via hooks and middlewares in PHP.
Instead it is recommended to override this functionality via a hook the same way the new hook in EXT:backend is registered within PHP.