Many other features depend on a user being able to log in at the Ultimate Sims List, so this this is a core capability.
I plan to use the Sun Sims user database so that folks only need to create on login ID. The tricky part is figuring out whether a user is already logged in without opening a big security hole.
The best way to do this seems to be to use cookies. This would assume that if a user's web browser can send a correct username and password in a cookie, then that's an authorized user. If we use cookies, they'll need to expire after some time and the user needs a "
logout" feature that will clear cookies immediately.
So far, so good. I already know how to query the database. Now I just need to dig up the stuff on how to hash passwords and work with cookies.
And that's the way it goes. One thing leads to another.