is there any API for hooking into the login process w/o changing the core ?
For one of our customers we needed to ask for an additional token on login.
We've modified the core to run through our own JSP pages for that.
While this works, it's obviously not ideal. So I'd like to know if there's
some more standard approach for that, without having to patch the core.