Garbage collect old tokens and sessions
Make session ids actually random
Checking session and prefix with storage requests
You can also use your local clone with git send-email.
An OTP application
$ rebar3 compile