Allow disconnecting a user and invalidating its cookies on a race-free way

Currently a user can be disconnected using occtl or kill (to its worker process) and the security module will invalidate its cookies few seconds later, if termination statistics reach it. However, that does not allow a reliable way of terminating users and preventing them re-login. We should provide a way to disconnect a user and delete their associated cookie.