Change user-login callback to capture custom authentication schemes

[shadyvb]

Fix #434, related to #501

[frankiejarrett]

@shadyvb Running with the assumption that we can abstract the storage backend, how would this affect VIP sites using Stream?

Just looking at their docs about server-side cookie handling and SSO through the WordPress.com network: http://vip.wordpress.com/documentation/wordpress-com-vs-wordpress-org/#registering-users

/cc @westonruter

[westonruter]

I don't believe there are any SSO schemes available on WordPress.com, even for VIP. Though I did find this: http://vip.wordpress.com/documentation/faux-single-sign-on/

[shadyvb]

@fjarrett This addressing the default behavior of WP, unless they're doing some weird stuff on authenticate filter, this should be working. So we'll have to wait and see.
The advantage to this, is that is works on the final stage of any user authentication, whatever way you use to authenticate, you'll always need to set a cookie, that's where we currently hook ( in this PR ).

[shadyvb]

Reviewing the link @westonruter mentioned, that SSO method is using some front-end cookie handling, so i don't think we can handle that anyway.

[frankiejarrett]

Tested using Clef and Stream recorded the user login perfectly.