Sessions are created by calling the newsess method, passing it a specific user's group code, login name and password.  A session is created if all three are valid.  A session is valid until it is deleted via the delsess method or until it has not be accessed for 20 minutes.

Note:  To modify user login and password information, use the User::saveprofile method.