The user management is handled through the User class, which should be extended to suit your application's needs.
Note: The cookie functionality of this class is shortly to be deprecated. Any cookie-code would be moved to the HTTP-level code (which will be supplied as examples). This is to facilitate alternative login/authentication token methods.
Moving to Multi-Logins
A recent update to the code introduced support for multiple logins, to enable individual users to login from a variety of locations simultaneously (useful for roaming users; access from multiple devices and the planned API support).
This requires a modification to the support table:
CREATE TABLE IF NOT EXISTS `user_session` (
`username` char(100) NOT NULL,
`session_id` char(32) NOT NULL,
`ip` varchar(15) NOT NULL,
`lastactivity` bigint(20) NOT NULL,
`interface` varchar(20) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
Existing session codes in the user table are deprecated and will shortly be removed from the standard spec.