After logging a user in I get a session id. To log the user out I have to use this session id.
If I get a logged in user from the user service, it does not have a session id.
(1) Does that mean, that I have to safe the session id myself? And that it is valid for an unlimited time?
(2) Does that mean I don't have to get the user from the user service to check if the user is logged in? I can rely on my saved session id, so as long as I don't log the user out and have a session id, the user is logged in?