In http://web2py.com/books/default/chapter/29/9 it is stated that auth.login_bare returns None if the username/password pair is invalid. auth.login_bare actually returns False, not None. I guess most people do:
user = auth.login_bare(u, p)
if not user:
raise HTTP(403, "Authorization Failed.")
but if one does (as I did),
if user is None:
then the difference is noticeable. I am posting this so that the error is
documented.
Luca
