I'm a little confused on what auth does exactly. Does it just compare an input password to a stored password? What if I dont user usernames and use a login email instead. I save passwords using a blowfish crypt in my db, meaning its a one way hash that can later be used to rehash an input login/password for verification. Is it possible to extend the simpleauth driver for my needs or should I just write my own login class.
The 'simple' drivers are just there as an example for acl, group and user handling, and to provide a very simple auth function for applications that don't require more.
The entire idea of the Auth package is that you extend it's functionality by adding your own drivers.
If you do, don't store those in the Auth package itself, create your own auth classes, either in app or in a separate package, that extends the Auth classes. This way you don't block the upgrade possibility of the Auth package.