pub async fn delete_session(db: &Db, token: &str) -> Result<()>Expand description
Hard-delete a session row by cookie token. Retained as a
pre-0.4.0 compatibility shim — internal callers are migrating to
invalidate_sessions, which soft-revokes via revoked_at and
keeps the row available for the audit trail. New code MUST NOT
call this directly; only the expired-row sweeper and the read-path
stale-cleanup branch are allowed callers, both of which are
inside this module.