Less work = more cool
The login box can have the username filled with the cookie.
On the login box we can have a checkbox to enable this feature, like this:
remember my name
That feature can be checked by default, but the checkbox status must be remembered by a cookie too, because a user can dislike that and my sux uncheck if every time.
Auto login when return == "Remember me"
That will work as a never end session, but will make a transparently login based on a cookie information, to be possible to show the user new informations when he/she enter again on the Noosfero.
It will work as a first page service.
Yes! It must not be enabled by default.
It is a cool feature to use on a laptop or in a personal login o the desktop.
Some attention information about security must be showed to the user when he/she select that feature.
When the user click on logout he/she will clear the cookie and will need a new normal login to enter again.
The cookie login information can't be a ridiculous thing like user=Zé&autologin=on. I'm thinking in a thing like: autologinuser=<crypt-user>&autologinpasswd=<crypt-passwd>
The server will crypt the name, re-crypt the cripted password on the user database and add this on the cookie. So, other users can't know the user and password with a cookie information and the admin can know the server crypt pass/number but you will not know the user password.
Or forget this auto-login way and use a browser based password remember. (What is better?)