handle sessions or API keys
Insufficient docs to answer fully.
Missing information
- Recommended patterns for session cookies (security flags) and API key auth (header/query).
- Any built-in helpers or plugins for API key/session management.
See also
- how_do_i/missing-info.md:1