LJ::auth_okay — Validates a user's password. The "clear" or "md5" argument must be present, and either the "actual" argument (the correct password) must be set, or the first argument must be a user object ($u) with the 'password' key set. This is the preferred way to validate a password (as opposed to doing it by hand), since this function will use a pluggable authenticator, if one is defined, so LiveJournal installations can be based off an LDAP server, for example.


LJ::auth_okay(u, clear, md5, actual, ip_banned);


  • u. A hashref of a row from the user table, sometimes called a "user object". Although only initially a row from the user table, gets a lot of tacked onto it from various other LJ API functions.

  • clear. Clear text password the client is sending. (need this or md5)

  • md5. MD5 of the password the client is sending. (need this or clear). If this value instead of clear, clear can be anything, as md5 validation will take precedence.

  • actual. The actual password for the user. Ignored if a pluggable authenticator is being used. Required unless the first argument is a user object instead of a username scalar.

  • ip_banned. Optional scalar ref which this function will set to true if IP address of remote user is banned.




boolean; 1 if authentication succeeded, 0 on failure