my $q=CGI->new();
if ($q->cookie('sessioncookie') {
    # check cookie exists in DB
    # serve page requested
}
elsif ($q->param('username')) {
    # check password OK, set session cookie 
    # and store cookie in DB
}
else {
    # show login form
}