Callback used by AuthDomainBasic for authentication purposes.
The application should verify that username
and password
and valid and return true
or false
.
If you are maintaining your own password database (rather than using the password to authenticate against some other system like PAM or a remote server), you should make sure you know what you are doing. In particular, don't store cleartext passwords, or easily-computed hashes of cleartext passwords, even if you don't care that much about the security of your server, because users will frequently use the same password for multiple sites, and so compromising any site with a cleartext (or easily-cracked) password database may give attackers access to other more-interesting sites as well.
domain |
the domain |
msg |
the message being authenticated |
username |
the username provided by the client |
password |
the password provided by the client |
user_data |
the data passed to set_auth_callback |
|