FEATURE: Limit the number of active sessions for a user (#8411)

If a user has more than 60 active sessions, the oldest sessions will be terminated automatically. This protects performance when logging in and when loading the list of recently used devices.

lib/auth/default_current_user_provider.rb

@@ -164,6 +164,9 @@ class Auth::DefaultCurrentUserProvider
     unstage_user(user)
     make_developer_admin(user)
     enable_bootstrap_mode(user)
+
+    UserAuthToken.enforce_session_count_limit!(user.id)
+
     @env[CURRENT_USER_KEY] = user
   end