If you want to use cookies for authentication, then Apache::AuthCookie makes a good base for the mod_perl authentication handler.

It is a base class and requires defining code to create and validate the cookies. There are existing modules that lookup users in the database and validate cookies based on hashes (Apache::AuthCookieDBI).