Display and revoke active sessions
What does this MR do?
Adds an active sessions menu entry to the profile settings page. That page shows all the user's active sessions (aka logged in devices).
The user may revoke any unknown sessions.
Are there points in the code the reviewer needs to double check?
Why was this MR needed?
From a security standpoint it's relevant to be able to identify active sessions and revoke any of it.
The development of this MR is sponsored by @ siemens (/cc @bufferoverflow).
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
- Changelog entry added, if necessary
- Documentation created/updated
- API support added
- Tests added for this feature/bug
- Has been reviewed by UX
- Has been reviewed by Frontend
- Has been reviewed by Backend
- Has been reviewed by Database
- Conform by the merge request performance guides
- Conform by the style guides
- Squashed related commits together
- Internationalization required/considered
End-to-end tests pass (
package-and-qamanual pipeline job)