this is not at all easy to do and is not supported.
you would need to create a table that stores the ID of each user using an insert behavior when they log in, that parts pretty easy.
you also need to delete the record when they log out, this is the hard part because there are a number of different things that can happen to log the user out.
the user could go to the logout page and click the logout, we can use this to trigger code to delete the record.
the user could leave the computer and the login session times out - no way to trigger code to delete the record this way
the user could close the browser to end the session - no way top trigger code here either
so 2 out 3 ways to logout leave the record stranded in the database and the user appears to be logged in, but in reality, they are not.