Check session status: documentation and code are not consistent in this repo.

[meotimdihia]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

in the documentation, we need xSessionToken and cookie: https://www.ory.sh/docs/identities/sign-in/check-session-token-cookie-api :

  const authHeader = req.headers.authorization
  const hasAuthHeader = authHeader.startsWith("Bearer ")
  const sessionToken = hasAuthHeader
    ? authHeader.slice(7, authHeader.length)
    : null

  const session = await ory
    .toSession({
      cookie: req.cookies.join("; "),
      xSessionToken: sessionToken,
    })
    .catch((err) => {
      // Check the error to see if it's a 401 / 403 -> not logged in
    })

But in the code, we just need cookies:
https://github.com/ory/kratos-selfservice-ui-node/blob/master/src/pkg/middleware.ts#L72

 frontend
      .toSession({ cookie: req.header("cookie") })
      .then(addSessionToRequest(req))

I can't find any explanation about what xSessionToken is used for.

Reproducing the bug

---

Relevant log output

No response

Relevant configuration

No response

Version

@ory/client": "^1.4.2",

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Docker

Additional Context

No response