Session Tuning

Sessions use SHA-256 hashed tokens stored in the database. Configure TTL, sliding-window renewal, cookie flags (HttpOnly, SameSite, Secure), and maximum concurrent sessions.

Full reference coming soon.