Authentication
Session management and 2FA (login, logout, TOTP)
📄️ Get Salt
Retrieve a per‑login salt and establish a session cookie.
📄️ Login
Authenticate with username and password hashed as `sha256(salt + sha256(password))` using the `salt` from GET /login.
📄️ Logout and destroy session
Invalidate the current session and clear the session cookie.
📄️ Refresh Session
Allows refreshing the session to prevent expiry
📄️ Validate TOTP secret
Validate TOTP code for the current user