pub async fn create(db: &Db, user_id: i64) -> Result<Session, Error>Expand description
Create a new session for a user and persist it. The returned token is the cookie value the browser should receive.
A fresh CSRF token is generated alongside the session id and written to the same row. The two tokens share entropy source and length but are independent — neither is derivable from the other.