This method is invoked when {@link TAuthManager::setAllowAutoLogin AllowAutoLogin} is set true.
The default implementation simply returns null, meaning no user instance can be created
from the given cookie.
If you want to support automatic login (remember login), you should override this method.
Typically, you obtain the username and a unique token from the cookie's value.
You then verify the token is valid and use the username to create a user instance.