Today's work on My Life revolved around making it easier to log in and stay logged in. I realized my phone was purging session cookies basically every day, so I changed the cookie management to set explicit expiration dates. And extend those expiration dates every time you use the app. Therefore, so long as you keep using the app you won't get logged out.
So far so good.
But then I wanted to remember the last email address I used to log in in a cookie that lasted even longer. Just in case the session cookie did expire and I wanted to log in again quickly. Sadly, when I add a cookie to a response, the session data gets corrupted. I get "Invalid CSRF Token" errors when attempting to log in, and my existing session, even when I log in successfully, doesn't stick around. Somehow the two middlewares (ring-session and ring-cookie) do not play nice with each other.
I have some more research to do.