package My::Apache::UserAuthen;
use strict;
use My::Apache::UserCache qw(get_pass);
...
sub handler {
  ... setup; get apache basic auth credentials; etc ...
  my $reason = authenticate( $user, $user_pw );
  ... log etc on failure..
  return OK;
}

sub authenticate {
  my ($user, $user_pw) = @_;
  ...
  my $db_pass = get_pass( $user );
  ... return messages based on match/mismatch/etc ...
  return '';
}