i find the session info at cookie of broswer console.but from now, i find supertokens is use something dynamic secret for jwt?