pub async fn validate_session( pool: &DbPool, raw_token: &str, ) -> Result<Option<Session>, AuthError>
Validate a session by raw token. Returns the session if valid and not expired.
Updates last_accessed_at on success.
last_accessed_at