These changes ensure that OAuth2 clients cannot create an unlimited number of access tokens (sessions) with their client credentials. Signed-off-by: Michael Mayer <michael@photoprism.app>
