AuthenticateAndRefresh checks if the user is logged in and refreshes the session and returns the session.

CreateSession creates a new session and stores it in the database and sends the session ID to the user's computer.

DeleteSession deletes the session from database and invalidates the session ID cookie on the user's computer.