I do not know what you mean "lasts longer then a session" -- http is stateless, if you want state (such as logged in and authorized) you need some sort of session (cookie, uri, hiddenform,...).
I am already using standard Catalyst plugins that handle sessions and authentication. I set sessions to expire after 1 hour of inactivity. What I'm looking for is the ability to auto-login users when they come back after, say, 1 week, when their previous session is long expired. Usually, this is achieved by setting a persistent cookie (lasting for N days) when the user logs in, and storing either user ID, username, a random token, or a combination of all of those in an encrypted form in that cookie. Of course, users would have to explicitly log in to access the sensitive parts of the website. -- ----------------------------------------------------- Evaldas Imbrasas http://www.imbrasas.com _______________________________________________ List: [email protected] Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
