Programmatically login admin in magento

Question

i am new with magento, yet given the task to make custom api's with admin authentication. i am done with the api's but stucked in the admin authentication. the main problem i am facing is that: the passwords in magento are md5 encrypted and i dont know what to do with that. Help in this regard will be appriciated. my authentication code is below:

public function indexAction() {

require_once 'app/Mage.php';
umask(0);
$app = Mage::app('default');
$array = $_GET;
$username = $_GET['username'];
$password = $_GET['password'];
Mage::getSingleton('core/session', array('name' => 'adminhtml'));
$user = Mage::getModel('admin/user')->loadByUsername($username); // user your admin username
$user_id = $user->getId();
// echo $user_id;
if(($user->getId())>=1)
{
    echo "User Name: True";
    echo "<br>";
    $dbpassword = $user->getData('password');
    // echo $dbpassword."  ----  ";
    // echo md5($username.$pass).":".$username;
    // echo "<pre>";
    // $a = Mage::helper('core')->validateHash($password, $dbpassword);
    // print_r($a);
    if($password == $dbpassword)
    {
        echo "<hr>";
        echo "Password: True";echo "<br>";
        echo "Authenticated :) Here we go!!";
    }
    else
    {
        echo "Password: False";
    }
}
else
{
    echo "User Name: False";
}

}

Answer 1

Use this function to validate your password against the magento hashed password

public function validateHash($password, $hash){
    $hashArr = explode(':', $hash);
    switch (count($hashArr)) {
        case 1:
            return md5($password) === $hash;
        case 2:
            return md5($hashArr[1] . $password) === $hashArr[0];
    }
}

To check if the password is valid, do as below

if(validateHash($password, $user->getData('password'))){
    echo 1;
}else{
    echo 0;
}