LJ::auth_okay — Validates a user's password. The "clear" or "md5" argument must be present, and either the "actual" argument (the correct password) must be set, or the first argument must be a user object ($u) with the 'password' key set. This is the preferred way to validate a password (as opposed to doing it by hand), since this function will use a pluggable authenticator, if one is defined, so LiveJournal installations can be based off an LDAP server, for example.
LJ::auth_okay(u, clear, md5, actual, ip_banned
u. A hashref of a row from the user table, sometimes called a "user object". Although only initially a row from the user table, gets a lot of tacked onto it from various other LJ API functions.
clear. Clear text password the client is sending. (need this or md5)
md5. MD5 of the password the client is sending. (need this or clear). If this value instead of clear, clear can be anything, as md5 validation will take precedence.
actual. The actual password for the user. Ignored if a pluggable authenticator is being used. Required unless the first argument is a user object instead of a username scalar.
ip_banned. Optional scalar ref which this function will set to true if IP address of remote user is banned.