What is the token for and how it is worked with?

[mudrd8mz]

 $token = md5($USER->username . $USER->firstname . $USER->lastname . $COURSE->id . $time . $USER->email .
            get_config('typorepo', 'typorepo_secret'));

This token is calculated both in the activity module and in the block. What is it for and why is it calculated like this?

[stefanscholz]

We encrypt the user data that we transmit to TYPO3 in the form of the token. Originally, we had planned to use username, firstname, lastname and email because TYPO3 provides several features that would benefit from this information, for example custom notifications like reminders. Also, the way the content is built in TYPO3 usually greets learners with their firstname to make it a little more personal.

Also, current customers mostly have both TYPO3 and moodle on the same server, maintained by the same administrators.

We have decided to remove the data from the plugin database version and adjusted the TYPO3 content so that it works without any of the data. Reminders won't work like this (at least not from TYPO3), but we can always add that feature in later on — of course as an optional thing which needs to be turned on by the administrator, with appropriate information and warnings. And of course, with a fitting implementation of the privacy provider.

Hope this makes sense! (and sorry that we did not explain it like that from the beginning!)