On Thu, Nov 19, 2015 at 7:00 AM, <dancer-users-request@dancer.pm> wrote:

This blog of mine might be helpful in understanding how it all works:

http://blog.geekuni.com/2015/06/three-ways-to-implement-sessions.html

We should also be talking about JWT JSON Web Tokens because the Cookie scheme is broken.
I use Crypt::JWT . These links explain it nicely:

https://auth0.com/blog/2014/01/27/ten-things-you-should-know-about-tokens-and-cookies/
http://jwt.io/
JWS https://tools.ietf.org/html/rfc7515
JWT https://tools.ietf.org/html/rfc7519

http://stackoverflow.com/questions/20504846/why-is-it-common-to-put-csrf-prevention-tokens-in-cookies
Cheers -- Rick