#more incomplete code..
sub _authen_config {
   my $self = shift;

   # authenticate
   $self->authen->config(
      DRIVER => [
      'Generic',
         sub {
            return $self->_verify_credentials(@_);
         },
      ],
      LOGIN_SESSION_TIMEOUT => '45m', 
         # TODO  change to 35m for release
      CREDENTIALS =>  
    ['authen_username','authen_password','authen_captcha'],
      STORE => 'Session',
      LOGIN_RUNMODE => 'login',
   );
   $self->authen->protected_runmodes(qr/^(?!login)/);

   return 1;
}