This article presents the improvements to the session system in FoalTS version 2.
The new syntax can be used either with cookies or with the
Authorization header. It adds the following new features:
- query all sessions of a given user
- query all connected users
- force logout of a specific user
- flash sessions
- session ID regeneration
- anonymous and authenticated sessions
FoalTS also simplifies stateful CSRF protection so that all it takes is one setting to enable it.