I'm creating an auth plugin for Moodle which is based on a token in a cookie which is created by another application. The Idea is that if the token in the cookie is not valid or missing a special custom site is displayed instead of the login site of Moodle. If the authentication was successful, the user should be redirected directly to a course page.
In the Moodle documentation for auth plugins there is the option to hook the loading of the login page to inject some content but it seems that there's no way to fully control what is rendered.
So how can I replace all the content of the default login site?