See parent task and T110414#1578206.
The AbortLogin hook is deprecated. Implement a PreAuthenticationProvider or SecondaryAuthenticationProvider instead.
The UserSetCookies hook is deprecated. Chances are what you're doing in there would be better done by saving the data in memcache or the database from a SecondaryAuthenticationProvider. This also takes care of the use of the deprecated UserLoginForm hook.
The UserLoadFromSession hook is deprecated. You'd probably want to use the SessionMetadata hook to replace the parts that store data and the SessionCheckInfo hook to replace the parts that check it and return a false result.