Callback used by #SoupAuthDomainBasic for authentication purposes.
The application should verify that @username and @password and valid
and return %TRUE or %FALSE.
If you are maintaining your own password database (rather than
using the password to authenticate against some other system like
PAM or a remote server), you should make sure you know what you are
doing. In particular, don't store cleartext passwords, or
easily-computed hashes of cleartext passwords, even if you don't
care that much about the security of your server, because users
will frequently use the same password for multiple sites, and so
compromising any site with a cleartext (or easily-cracked) password
database may give attackers access to other more-interesting sites
as well.
Callback used by #SoupAuthDomainBasic for authentication purposes. The application should verify that @username and @password and valid and return %TRUE or %FALSE.
If you are maintaining your own password database (rather than using the password to authenticate against some other system like PAM or a remote server), you should make sure you know what you are doing. In particular, don't store cleartext passwords, or easily-computed hashes of cleartext passwords, even if you don't care that much about the security of your server, because users will frequently use the same password for multiple sites, and so compromising any site with a cleartext (or easily-cracked) password database may give attackers access to other more-interesting sites as well.