- Replace global user token version with per-session versioning in JWT claims
- Add session CRUD operations with DB + Redis dual-write caching strategy
- Create/list/revoke individual sessions and batch revoke other sessions
- Update login flow to create sessions with device info and IP extraction
- Update refresh flow to validate and rotate session-level token version
- Update logout to revoke only the current session instead of all tokens
- Add session management UI page with device/browser detection and relative time display
- Add i18n keys for session management in both Chinese and English
- Add sessions route and navigation menu items in both default and icon layouts
veypi