Just wanted to know that I am using Session.getSessionWithoutRequestResponse(accessToken) this func to get the session and check if it exists and protect my api route in next js. Is it enough or there could be some security concerns on it ?