I am looking at the Cookbook recipe for implementing a session based login mechanism. ---- before sub { if (! session('username') && request->path_info !~ m{^/login}) { var requested_path => request->path_info; request->path_info('/login'); } }; get '/login' => sub { # Display a login page; the original URL they requested is available as # vars->{requested_path}, so could be put in a hidden field in the form }; ---- What I really want is to declare, in one place, the routes that should be protected, the rest being openly accessible, or vice versa, that is, declare the routes that should be accessible freely without login, the rest requiring a login. What is the best way to do that? An extension of this requirement would be to decralre an entire sub application to be protected with the use of the prefix. I am thinking of something like before sub { if (! session('username') && request->path_info !~ m{^/login} && <******>) { var requested_path => request->path_info; request->path_info('/login'); } }; The logic would go in the <*******> part, something like (route in (array of protected routes)) Is the route available in a variable? or, is it only accessible via regexp? Has this been solved already? -- Puneet Kishor http://www.punkish.org Carbon Model http://carbonmodel.org Charter Member, Open Source Geospatial Foundation http://www.osgeo.org Science Commons Fellow, http://sciencecommons.org/about/whoweare/kishor Nelson Institute, UW-Madison http://www.nelson.wisc.edu ----------------------------------------------------------------------- Assertions are politics; backing up assertions with evidence is science =======================================================================