I have a login page POST handler, and I want to remember the login parameters for the next attempt: post '/login' => sub { if (handle_login(stuff)) { cookie 'myapp' => { 'username' => params->{username}, 'other' => params->{stuff}, }; redirect '/'; # top-level app URL } # else, login failed, so stay on /login route }; It seems that as soon as I set the cookie, I invalidate the session. I know this because I have a "before" hook that checks whether the session is logged in, and bounces me back to the '/login' route. Without the cookie() call, I get logged in, and go to '/'. With it, I keep getting bounced back to '/login' because Dumper(session) gives me a blank session with only an id field set. How and where am I *supposed* to set the cookie, so it stays attached to the newly-logged-in session?