# Multi-Device Login Sessions

**ID:** EU-001
**Priority:** High
**Status:** Planned

## User Story
As an end user, I want to stay logged in on multiple devices simultaneously so that I can access my account from my phone, tablet, and computer without being logged out elsewhere.

## Acceptance Criteria
- [ ] User can have active sessions on multiple devices at the same time
- [ ] Each device gets its own refresh token
- [ ] Logging out on one device does not affect sessions on other devices
- [ ] User can see all active sessions in account settings
- [ ] User can revoke individual sessions remotely

## Technical Notes
- Currently only one refresh token per login session is supported
- Need to refactor `LoginSession` to support multiple refresh tokens
- Consider storing device metadata (browser, OS, last active time) with each token
- JWT blocklist needs to handle individual token revocation

## Related TODOs
- `ts/reception/classes.jwt.ts:39` - `// TODO: handle multiple refresh tokens`