It seems that users are currently allowed to log in twice. This is not good because the second user session is really messed up (BigDB calls don't come back). Also, a user should not be able to vs himself in the game...
So what is the correct way to handle this? Do I need to somehow check on login if the player is already logged in? I would think this should be an error generated on the authenticate method. Either that or the first user (sometimes called a ghost user) should be disconnected when the new user logs in.