optional auto login in plone3

having optional auto login in plone2.5 was easy. well maybe not easy but at least it was documented (it would be nice if somebody with rights would update that documentation with working example for plone3). i recently post on plone-users mailing list regarding this issue and got a tip to look into cookie plugins for PAS.

follow all instructions as desribed here. this mean:
* you will adapt setAuthCookie script
* change login_form and login portlet
* set auth_cookie_length in site_properties

after that go to acl_users and add "Extended Cookie Auth Helper", give it some id/title and choose all functionalities for it.

Challenge (challenge)

Reset Credentials (resetCredentials)

Update Credentials (updateCredentials)

Extraction (extractCredentials)

and that should be it. except in my case this solution is not working, because i use email as username. and that gives error when username is trying - for some unknown reason to me - to decode credentials:

creds['login'] = login.decode('hex')
creds['password'] = password.decode('hex')

when i removed decoding auth started to work as expected. did i found a bug. as i see jens is last commiter for PAS (no commit in last 12months). i'll propose a fix on next plone tuneup or please explain me why this decoding is neccessary and how to address my problem with email as username. until then i'm patching PAS. (hmm is there any patching recipe out there, could come useful)