/users/auth

This request handler implements the /users/auth request handler. It expects the following parameters:

• session (cookie) : md5hash key for current session
• username : WWL or external username
• pw : WWL or external password

It responds in plain text (text/plain) with either a session key (valid login or session key) or an empty string if credentials are invalid or expired

This request handler can also be run in proxy server mode, where it calls an external URL to authenticate the user. In this case, you should supply the following additional parameters.

• proxyurl : URL for the external authentication service
• username_field : field for username
• pw_field : field for password or key
• success_msg : string to look for in successful login response
• error_msg : string to look for in failed login

When using /users/auth in proxy mode, WWL will not store user credentials. If the user is authenticated, WWL will assign a random session key that expires after about one hour.