I can suggest the following method:
In PHP (or any other technology)
In tersusapp, create loginview which should contain an init process similar to the following:
Display Actions/Get View Parameters queries the URL and returns the parameter(s) specified as exit(s).
Get User by Token, should query the database for the user (and probably perform some additional modeling such as checking expiration time, and deleting the token).
Security/Set Logged-in User does just that
Reload Application causes the client to reload the application with permissions applicable to the currently logged in user.
For best results, use the Firefox browser..