fix(auth): tighten refresh session revocation

server-rs/crates/api-server/src/ai_tasks.rs

@@ -776,7 +776,8 @@ mod tests {
         let claims = AccessTokenClaims::from_input(
             AccessTokenClaimsInput {
                 user_id: "user_00000001".to_string(),
-                session_id: "sess_ai_tasks".to_string(),
+                session_id: state
+                    .seed_test_refresh_session_for_user_id("user_00000001", "sess_ai_tasks"),
                 provider: AuthProvider::Password,
                 roles: vec!["user".to_string()],
                 token_version: 2,