pushed
unchainedshop/unchained • 4:14 PM - Jan 20, 2026
pozylon pushed a major auth overhaul on master, switching the API and OIDC examples (Keycloak/Zitadel) from server-side sessions to stateless JWT authentication. This adds a centralized JWT auth handler with token versioning + fingerprint protection, introduces an OIDC back-channel logout endpoint, and updates the examples to issue local JWTs after OIDC login (with nonce validation) plus a new GraphQL mutation to “logout all sessions” by revoking tokens.
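An added example, not code from the unchained repository, showing one way token versioning and a fingerprint claim let a server revoke otherwise stateless JWTs, including a "logout all sessions" operation. The claim names `ver` and `fph`, the in-memory `users` map, the demo secret and all function names are assumptions.

```javascript
// Added illustration (not the project's code). Claim names `ver`/`fph`, the
// `users` map and every function name here are assumptions.
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed key, demo only
const users = new Map([['u1', { tokenVersion: 1 }]]); // stand-in user store

const b64u = (s) => Buffer.from(s).toString('base64url');
const sha256 = (s) => crypto.createHash('sha256').update(String(s)).digest('hex');
const mac = (d) => crypto.createHmac('sha256', SECRET).update(d).digest('base64url');

// Issue an HS256 JWT. The random fingerprint goes to the client separately
// (e.g. an HttpOnly cookie); only its hash is embedded in the token.
function issueToken(userId, now = Date.now()) {
  const fingerprint = crypto.randomBytes(32).toString('hex');
  const iat = Math.floor(now / 1000);
  const claims = { sub: userId, ver: users.get(userId).tokenVersion,
    fph: sha256(fingerprint), iat, exp: iat + 900 };
  const body = `${b64u('{"alg":"HS256","typ":"JWT"}')}.${b64u(JSON.stringify(claims))}`;
  return { token: `${body}.${mac(body)}`, fingerprint };
}

function verifyToken(token, fingerprint, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [h, p, sig] = parts;
  const want = Buffer.from(mac(`${h}.${p}`)), got = Buffer.from(sig);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want))
    return { ok: false, reason: 'bad-signature' };
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString());
    claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  } catch { return { ok: false, reason: 'malformed' }; }
  if (header.alg !== 'HS256') return { ok: false, reason: 'bad-alg' };
  if (!(claims.exp > now / 1000)) return { ok: false, reason: 'expired' };
  // A token presented without the matching fingerprint fails here.
  if (claims.fph !== sha256(fingerprint)) return { ok: false, reason: 'fingerprint-mismatch' };
  // One per-user lookup: any token minted before the last bump is revoked.
  const user = users.get(claims.sub);
  if (!user || claims.ver !== user.tokenVersion) return { ok: false, reason: 'revoked' };
  return { ok: true, sub: claims.sub };
}

// "Logout all sessions": bump the version instead of tracking each token.
function logoutAllSessions(userId) { users.get(userId).tokenVersion += 1; }
```

The version check costs one user lookup per request, which is the trade-off for being able to revoke tokens before they expire.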
