is there any way to verify that session is invalid? and also when we use session authentication in the sync gateway, can we understand that session is belong to which user for better security.
Who would verify that and why? The session is maintained by the sync gateway and it is responsible for ensuring that replications do not overstay their valid session timeout.
Not sure I understand the case for “Better security”. Can you elaborate. In any case you, can get the session for using with GET session REST endpoint