You could send up the phone_id in the authenticate method. "username" or "password" fields could include extra information in them such as phone_id. Whether you encode the phone_id in the username or password just depends on if you want to remember the phone_id later (password is thrown away after authenticate method executes).
thanks for your answer. I'll try to implement what you suggest.