⭐ in reply to How can I authenticate HTTP sessions?
To really protect those documents, you'll probably
need to basically re-authorize the user on each
request. You can either roll your own
authentication, or you can use the HTTP basic
authentication scheme.
If you choose the former, you'll probably want to have a login screen; then authenticate the user, set a cookie, and let the user view the documents. On each request for a document, check for the authentication cookie: if it exists, let the user view the doc; if it doesn't exist, make the user log in again.
If you choose to go with basic authentication, you'll want to authenticate out of your database, since you already have the username/password info in there. Check out Apache::AuthDBI (on CPAN) for doing basic authentication out of a database for which you have a DBI driver.
In Section
Seekers of Perl Wisdom