rp_st
02/01/2022, 8:29 PMsAccessToken
and sIdRefreshToken
cookies in the request and attempts to use those to verify the session. If successful, it creates a session
object inside the req
object which can be used in your API to get user info and / or manipulate the session.