Rather than require users to log in with a username and password – which has some complications in our authentication model – I’d rather let them be automatically authenticated by looking at the existing cookies. This seems like it could be pretty simple – something like the existing “black box” function, but instead of looking at a uname and password, it would look at the request’s cookies and return false or a username.
Is this possible? Is it on a list of coming features? Could it be added to one?