3.0.0 Release Candidate 1

• Removed incorrect misspelled function
• Now requires you to at least be sending a request with POST PUT or DELETE so SecurityComponent and CsfrComponent have a chance to inspect the request
• Configurable sessionKey
• More magic in the background to use AuthComponent UserModel and finder to match what you will expect in a normal auth session