elsif( (my $vfid = $csr->verified_identity) or (my $user = $ses->param("user")) ) {
    my $dbm = DBM::Deep->new(file=>$dbm_file, locking => 1, autoflush => 1);

    if( $vfid ) {
        my $url = $vfid->url;

        my $max = 20;
        for my $p ( grep {m/^openid\.sreg\./} $cgi->param ) {
            if( $p =~ m/\.([^.]+)\z/ ) {
                my $k = $1;
                my $v = substr $cgi->param($p), 0, 1024;

                warn "adding $k=$v to $url";
                $dbm->{$url}{$k} = $v;
            }

            last if (--$max)<1;
        }

        $user = {
            url  => $url,
            disp => $dbm->{$url}->{nickname} || $dbm->{$url}->{fullname} || $vfid->display,
            time => time,
        };

        $ses->param(user=>$user);
        $ses->flush;

    } elsif( $cgi->param("lo") ) {
        $ses->clear([qw(user nonce)]); # kill the nonce so they get a new one next time
        $ses->flush;

        print $cgi->redirect( $cgi->url );
        exit 0;
    }

    my $url = $user->{url};

    print $ses->header;
    print $cgi->start_html({title=>"openid test"});

    print $cgi->h3("Hi there $user->{disp}!");
    print $cgi->p("We've come a long way I think, no?", $cgi->a({href=>"?lo=1"}, "logout"));

    print $cgi->p("reg params:", 
        $cgi->ul( map {$cgi->li("$_: " . $dbm->{$url}{$_}) } keys %{ $dbm->{$url} } )) 
            if %{ $dbm->{$url} }

    exit 0;
}