This method retrieves the current local session (i.e local storage).
The session contains a signed JWT and unencoded session data.
Since the unencoded session data is retrieved from the local storage medium, do not rely on it as a source of trusted data on the server. It could be tampered with by the sender. If you need verified, trustworthy user data, call getUser instead.
If the session has an expired access token, this method will use the refresh token to get a new session.