From 89ca94a7e777e3693362c84de9a14b861d840d0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mehmet=20Can=20Karag=C3=B6z?=
 <78308169+mckaragoz@users.noreply.github.com>
Date: Thu, 23 Apr 2026 22:56:20 +0300
Subject: [PATCH] Merge pull request #47 from mckaragoz/ChainIsActiveHelper

Session Chain: Add IsActive Helper & Fix Logout Behavior on Session Reset in Chain
---
 Directory.Build.props                         |   2 +-
 .../docs/getting-started/quickstart.json      |  14 +-
 .../getting-started/real-world-setup.json     |  11 +-
 .../uauthhub.db-shm                           | Bin 32768 -> 32768 bytes
 .../uauthhub.db-wal                           | Bin 716912 -> 1133032 bytes
 .../Abstractions/Issuers/ISessionIssuer.cs    |   4 +
 .../Domain/Session/UAuthSessionChain.cs       |   1 +
 .../Issuers/UAuthSessionIssuer.cs             |  23 ++
 .../LogoutChainBySessionCommand.cs            |  20 ++
 .../Services/UAuthFlowService.cs              |   2 +-
 .../LogoutTests.cs                            | 270 ++++++++++++++++++
 11 files changed, 340 insertions(+), 7 deletions(-)
 create mode 100644 src/CodeBeam.UltimateAuth.Server/Infrastructure/Orchestrator/LogoutChainBySessionCommand.cs
 create mode 100644 tests/CodeBeam.UltimateAuth.Tests.Integration/LogoutTests.cs

diff --git a/Directory.Build.props b/Directory.Build.props
index 96fa6cdf..d9414fe5 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -1,6 +1,6 @@
 <Project>
 	<PropertyGroup>
-		<Version>0.1.0-rc.1</Version>
+		<Version>0.1.0-rc.2</Version>
 		<NoWarn>$(NoWarn);1591</NoWarn>
 		
 		<Authors>CodeBeam</Authors>
diff --git a/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/quickstart.json b/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/quickstart.json
index 8caf8257..3f6da51e 100644
--- a/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/quickstart.json
+++ b/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/quickstart.json
@@ -1,7 +1,7 @@
 {
   "Slug": "getting-started/quickstart",
   "Title": "QuickStart",
-  "Html": "\n\u003Cp\u003EIn this guide, you will set up UltimateAuth in a few minutes and perform your \u003Cstrong\u003Efirst login\u003C/strong\u003E.\u003C/p\u003E\n\u003Chr /\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022create-a-project\u0022\u003E1. Create a Project\u003C/h2\u003E\n\u003Cp\u003ECreate a new Blazor Server web app:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003Edotnet new blazorserver -n UltimateAuthDemo\ncd UltimateAuthDemo\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022install-packages\u0022\u003E2. Install Packages\u003C/h2\u003E\n\u003Cp\u003EAdd UltimateAuth packages:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Edotnet add package CodeBeam.UltimateAuth.Server\ndotnet add package CodeBeam.UltimateAuth.Client.Blazor\ndotnet add package CodeBeam.UltimateAuth.InMemory.Bundle\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-services\u0022\u003E3. Configure Services\u003C/h2\u003E\n\u003Cp\u003EUpdate your Program.cs:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services\n    .AddUltimateAuthServer()\n    .AddUltimateAuthInMemory();\n\nbuilder.Services\n    .AddUltimateAuthClientBlazor();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-middleware\u0022\u003E4. Configure Middleware\u003C/h2\u003E\n\u003Cp\u003EIn \u003Ccode\u003EProgram.cs\u003C/code\u003E\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.UseUltimateAuthWithAspNetCore();\napp.MapUltimateAuthEndpoints();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022enable-blazor-integration\u0022\u003E5. Enable Blazor Integration\u003C/h2\u003E\n\u003Cp\u003EIn \u003Ccode\u003EProgram.cs\u003C/code\u003E\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.MapRazorComponents\u0026lt;App\u0026gt;()\n    .AddInteractiveServerRenderMode() // or webassembly (depends on your application type)\n    .AddUltimateAuthRoutes(UAuthAssemblies.BlazorClient());\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022add-uauth-script\u0022\u003E6. Add UAuth Script\u003C/h2\u003E\n\u003Cp\u003EAdd this to \u003Ccode\u003EApp.razor\u003C/code\u003E or \u003Ccode\u003Eindex.html\u003C/code\u003E:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E\u0026lt;script src=\u0026quot;_content/CodeBeam.UltimateAuth.Client.Blazor/uauth.min.js\u0026quot;\u0026gt;\u0026lt;/script\u0026gt;\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-application-lifecycle\u0022\u003E7. Configure Application Lifecycle\u003C/h2\u003E\n\u003Cp\u003EReplace \u003Ccode\u003ERoutes.razor\u003C/code\u003E with this code:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E\u0026lt;UAuthApp UseBuiltInRouter=\u0026quot;true\u0026quot; AppAssembly=\u0026quot;typeof(Program).Assembly\u0026quot; DefaultLayout=\u0026quot;typeof(Layout.MainLayout)\u0026quot; /\u0026gt;\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022perform-your-first-login\u0022\u003E8. Perform Your First Login\u003C/h2\u003E\n\u003Cp\u003EExample using IUAuthClient:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E[Inject] IUAuthClient UAuthClient { get; set; } = null!;\n\nprivate async Task Login()\n{\n    await UAuthClient.Flows.LoginAsync(new LoginRequest\n    {\n        Identifier = \u0026quot;demo\u0026quot;,\n        Secret = \u0026quot;password\u0026quot;\n    });\n}\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022thats-it\u0022\u003E\uD83C\uDF89 That\u2019s It\u003C/h2\u003E\n\u003Cp\u003EYou now have a working authentication system with:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003ESession-based authentication\u003C/li\u003E\n\u003Cli\u003EAutomatic client detection\u003C/li\u003E\n\u003Cli\u003EBuilt-in login flow\u003C/li\u003E\n\u003Cli\u003ESecure session handling\u003C/li\u003E\n\u003C/ul\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022what-just-happened\u0022\u003EWhat Just Happened?\u003C/h2\u003E\n\u003Cp\u003EWhen you logged in:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EA session (with root and chain) was created on the server,\u003C/li\u003E\n\u003Cli\u003EYour client received an authentication grant (cookie or token),\u003C/li\u003E\n\u003Cli\u003EUltimateAuth established your auth state automatically.\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003E\uD83D\uDC49 You didn\u2019t manage cookies, tokens, or redirects manually.\u003C/p\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022next-steps\u0022\u003ENext Steps\u003C/h2\u003E\n\u003Cp\u003EDiscover the setup for real world applications with entity framework core.\u003C/p\u003E\n",
+  "Html": "\n\u003Cp\u003EIn this guide, you will set up UltimateAuth in a few minutes and perform your \u003Cstrong\u003Efirst login\u003C/strong\u003E.\u003C/p\u003E\n\u003Chr /\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022create-a-project\u0022\u003E1. Create a Project\u003C/h2\u003E\n\u003Cp\u003EStart by creating a new Blazor app:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003Edotnet new blazorserver -n UltimateAuthDemo\ncd UltimateAuthDemo\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022install-packages\u0022\u003E2. Install Packages\u003C/h2\u003E\n\u003Cp\u003EInstall the required UltimateAuth packages:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Edotnet add package CodeBeam.UltimateAuth.Server\ndotnet add package CodeBeam.UltimateAuth.Client.Blazor\ndotnet add package CodeBeam.UltimateAuth.InMemory.Bundle\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-services\u0022\u003E3. Configure Services\u003C/h2\u003E\n\u003Cp\u003EUpdate your Program.cs:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services\n    .AddUltimateAuthServer()\n    .AddUltimateAuthInMemory();\n\nbuilder.Services\n    .AddUltimateAuthClientBlazor();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-middleware\u0022\u003E4. Configure Middleware\u003C/h2\u003E\n\u003Cp\u003EIn \u003Ccode\u003EProgram.cs\u003C/code\u003E\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.UseUltimateAuthWithAspNetCore();\napp.MapUltimateAuthEndpoints();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022enable-blazor-integration\u0022\u003E5. Enable Blazor Integration\u003C/h2\u003E\n\u003Cp\u003EIn \u003Ccode\u003EProgram.cs\u003C/code\u003E\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.MapRazorComponents\u0026lt;App\u0026gt;()\n    .AddInteractiveServerRenderMode() // or webassembly (depends on your application type)\n    .AddUltimateAuthRoutes(UAuthAssemblies.BlazorClient());\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022add-uauth-script\u0022\u003E6. Add UAuth Script\u003C/h2\u003E\n\u003Cp\u003EAdd this to \u003Ccode\u003EApp.razor\u003C/code\u003E or \u003Ccode\u003Eindex.html\u003C/code\u003E:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E\u0026lt;script src=\u0026quot;_content/CodeBeam.UltimateAuth.Client.Blazor/uauth.min.js\u0026quot;\u0026gt;\u0026lt;/script\u0026gt;\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-application-lifecycle\u0022\u003E7. Configure Application Lifecycle\u003C/h2\u003E\n\u003Cp\u003EReplace \u003Ccode\u003ERoutes.razor\u003C/code\u003E with this code:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E\u0026lt;UAuthApp UseBuiltInRouter=\u0026quot;true\u0026quot; AppAssembly=\u0026quot;typeof(Program).Assembly\u0026quot; DefaultLayout=\u0026quot;typeof(Layout.MainLayout)\u0026quot; /\u0026gt;\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022recommended-setup-optional\u0022\u003E8. Recommended Setup (Optional)\u003C/h2\u003E\n\u003Cp\u003EAdd these for better experience:\u003C/p\u003E\n\u003Cp\u003EFor login page (Use this only once in your application)\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E@attribute [UAuthLoginPage]\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EFor protected pages\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E@attribute [UAuthAuthorize]\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EFor any page that you use UltimateAuth features like AuthState etc.\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E@inherits UAuthFlowPageBase\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022seed-data-for-quickstart-optional\u0022\u003E9. Seed Data For QuickStart (Optional)\u003C/h2\u003E\n\u003Cp\u003EThis code creates admin and user users with same password and admin role.\u003C/p\u003E\n\u003Cp\u003EFor in memory\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthSampleSeed();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EFor entity framework core:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddScopedUltimateAuthSampleSeed();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EIn pipeline configuration\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eif (app.Environment.IsDevelopment())\n{\n    await app.SeedUltimateAuthAsync();\n}\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022perform-your-first-login\u0022\u003E10. Perform Your First Login\u003C/h2\u003E\n\u003Cp\u003EExample using IUAuthClient:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003E[Inject] IUAuthClient UAuthClient { get; set; } = null!;\n\nprivate async Task Login()\n{\n    await UAuthClient.Flows.LoginAsync(new LoginRequest\n    {\n        Identifier = \u0026quot;admin\u0026quot;,\n        Secret = \u0026quot;admin\u0026quot;\n    });\n}\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022thats-it\u0022\u003E\uD83C\uDF89 That\u2019s It\u003C/h2\u003E\n\u003Cp\u003EYou now have a working authentication system with:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003ESession-based authentication\u003C/li\u003E\n\u003Cli\u003EAutomatic client detection\u003C/li\u003E\n\u003Cli\u003EBuilt-in login flow\u003C/li\u003E\n\u003Cli\u003ESecure session handling\u003C/li\u003E\n\u003C/ul\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022what-just-happened\u0022\u003EWhat Just Happened?\u003C/h2\u003E\n\u003Cp\u003EWhen you logged in:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EA session (with root and chain) was created on the server,\u003C/li\u003E\n\u003Cli\u003EYour client received an authentication grant (cookie or token),\u003C/li\u003E\n\u003Cli\u003EUltimateAuth established your auth state automatically.\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003E\uD83D\uDC49 You didn\u2019t manage cookies, tokens, or redirects manually.\u003C/p\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022next-steps\u0022\u003ENext Steps\u003C/h2\u003E\n\u003Cp\u003EDiscover the setup for real world applications with entity framework core.\u003C/p\u003E\n",
   "Headings": [
     {
       "Id": "create-a-project",
@@ -38,9 +38,19 @@
       "Text": "7. Configure Application Lifecycle",
       "Level": 0
     },
+    {
+      "Id": "recommended-setup-optional",
+      "Text": "8. Recommended Setup (Optional)",
+      "Level": 0
+    },
+    {
+      "Id": "seed-data-for-quickstart-optional",
+      "Text": "9. Seed Data For QuickStart (Optional)",
+      "Level": 0
+    },
     {
       "Id": "perform-your-first-login",
-      "Text": "8. Perform Your First Login",
+      "Text": "10. Perform Your First Login",
       "Level": 0
     },
     {
diff --git a/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/real-world-setup.json b/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/real-world-setup.json
index 24236da8..867b1a17 100644
--- a/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/real-world-setup.json
+++ b/docs/website/CodeBeam.UltimateAuth.Docs.Wasm/CodeBeam.UltimateAuth.Docs.Wasm.Client/wwwroot/docs/getting-started/real-world-setup.json
@@ -1,7 +1,7 @@
 {
   "Slug": "getting-started/real-world-setup",
   "Title": "Real World Setup",
-  "Html": "\n\u003Cp\u003EThe Quick Start uses an in-memory setup for simplicity.\nIn real-world applications, you should replace it with a persistent configuration as shown below.\u003C/p\u003E\n\u003Cp\u003EIn real applications, you will typically configure:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EA persistent database\u003C/li\u003E\n\u003Cli\u003EAn appropriate client profile\u003C/li\u003E\n\u003Cli\u003EA suitable authentication mode\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003EThis guide shows how to set up UltimateAuth for real-world scenarios.\u003C/p\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022using-entity-framework-core\u0022\u003E\uD83D\uDDC4\uFE0F Using Entity Framework Core\u003C/h2\u003E\n\u003Cp\u003EFor production, you should use a persistent store. In this setup, you no longer need the \u003Ccode\u003ECodeBeam.UltimateAuth.InMemory.Bundle\u003C/code\u003E package.\u003C/p\u003E\n\u003Ch3 class=\u0022mud-scrollspy-section\u0022 id=\u0022install-packages\u0022\u003EInstall Packages\u003C/h3\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003Edotnet add package CodeBeam.UltimateAuth.EntityFrameworkCore.Bundle\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch3 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-services\u0022\u003EConfigure Services\u003C/h3\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services\n    .AddUltimateAuthServer()\n    .AddUltimateAuthEntityFrameworkCore(db =\u0026gt;\n    {\n        db.UseSqlite(\u0026quot;Data Source=uauth.db\u0026quot;);\n        // or UseSqlServer / UseNpgsql\n    });\n\nbuilder.Services\n    .AddUltimateAuthClientBlazor();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch3 class=\u0022mud-scrollspy-section\u0022 id=\u0022create-database-migrations\u0022\u003ECreate Database \u0026amp; Migrations\u003C/h3\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003Edotnet ef migrations add InitUAuth\ndotnet ef database update\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003Eor\u003C/p\u003E\n\u003Cp\u003EIf you are using Visual Studio, you can run these commands in Package Manager Console*:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003EAdd-Migration InitUAuth -Context UAuthDbContext\nUpdate-Database -Context UAuthDbContext\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003E*Needs \u003Ccode\u003EMicrosoft.EntityFrameworkCore.Design\u003C/code\u003E and \u003Ccode\u003EMicrosoft.EntityFrameworkCore.Tools\u003C/code\u003E\u003C/p\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-services-with-options\u0022\u003EConfigure Services With Options\u003C/h2\u003E\n\u003Cp\u003EUltimateAuth provides rich options for server and client service registration.\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthServer(o =\u0026gt; {\n    o.Diagnostics.EnableRefreshDetails = true;\n    o.Login.MaxFailedAttempts = 4;\n    o.Identifiers.AllowMultipleUsernames = true;\n});\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022blazor-wasm-setup\u0022\u003EBlazor WASM Setup\u003C/h2\u003E\n\u003Cp\u003EBlazor WASM applications run entirely on the client and cannot securely handle credentials.\nFor this reason, UltimateAuth uses a dedicated Auth server called \u003Cstrong\u003EUAuthHub\u003C/strong\u003E.\u003C/p\u003E\n\u003Cp\u003EWASM \u003Ccode\u003EProgram.cs\u003C/code\u003E:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthClientBlazor(o =\u0026gt;\n{\n    o.Endpoints.BasePath = \u0026quot;https://localhost:6110/auth\u0026quot;; // UAuthHub URL\n    o.Pkce.ReturnUrl = \u0026quot;https://localhost:6130/home\u0026quot;; // Your (WASM) application domain \u002B return path\n});\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EUAuthHub \u003Ccode\u003EProgram.cs\u003C/code\u003E:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthServer()\n    .AddUltimateAuthInMemory()\n    .AddUAuthHub(o =\u0026gt; o.AllowedClientOrigins.Add(\u0026quot;https://localhost:6130\u0026quot;)); // WASM application\u0027s URL\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EUAuthHub Pipeline Configuration\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.MapUltimateAuthEndpoints();\napp.MapUAuthHub();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cblockquote\u003E\n\u003Cp\u003E\u2139\uFE0F UltimateAuth automatically selects the appropriate authentication mode (PureOpaque, Hybrid, etc.) based on the client type.\u003C/p\u003E\n\u003C/blockquote\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022resourceapi-setup\u0022\u003EResourceApi Setup\u003C/h2\u003E\n\u003Cp\u003EYou may want to secure your custom API with UltimateAuth. UltimateAuth provides a lightweight option for this case. (ResourceApi doesn\u0027t have to be a blazor application, it can be any server-side project like MVC.)\u003C/p\u003E\n\u003Cp\u003EResourceApi\u0027s \u003Ccode\u003EProgram.cs\u003C/code\u003E\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthResourceApi(o =\u0026gt;\n    {\n        o.UAuthHubBaseUrl = \u0026quot;https://localhost:6110\u0026quot;;\n        o.AllowedClientOrigins.Add(\u0026quot;https://localhost:6130\u0026quot;);\n    });\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EConfigure pipeline:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.UseUltimateAuthResourceApiWithAspNetCore();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003ENotes:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EResourceApi should connect with an UAuthHub, not a pure-server. Make sure \u003Ccode\u003E.AddUAuthHub()\u003C/code\u003E after calling \u003Ccode\u003Ebuilder.Services.AddUltimateAuthServer()\u003C/code\u003E.\u003C/li\u003E\n\u003Cli\u003EUltimateAuth automatically configures CORS based on the provided origins.\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003EUse ResourceApi when:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EYou have a separate backend API\u003C/li\u003E\n\u003Cli\u003EYou want to validate sessions or tokens externally\u003C/li\u003E\n\u003Cli\u003EYour API is not hosting UltimateAuth directly\u003C/li\u003E\n\u003C/ul\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022how-to-think-about-setup\u0022\u003E\uD83E\uDDE0 How to Think About Setup\u003C/h2\u003E\n\u003Cp\u003EIn UltimateAuth:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EServer\u003C/strong\u003E manages authentication flows and sessions\u003C/li\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EClient\u003C/strong\u003E interacts through flows (not tokens directly)\u003C/li\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EStorage layer\u003C/strong\u003E (InMemory / EF Core) defines persistence\u003C/li\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EApplication type\u003C/strong\u003E determines runtime behavior\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003E\uD83D\uDC49 You configure the system once, and UltimateAuth adapts automatically.\u003C/p\u003E\n",
+  "Html": "\n\u003Cp\u003EThe Quick Start uses an in-memory setup for simplicity.\nIn real-world applications, you should replace it with a persistent configuration as shown below.\u003C/p\u003E\n\u003Cp\u003EIn real applications, you will typically configure:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EA persistent database\u003C/li\u003E\n\u003Cli\u003EAn appropriate client profile\u003C/li\u003E\n\u003Cli\u003EA suitable authentication mode\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003EThis guide shows how to set up UltimateAuth for real-world scenarios.\u003C/p\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022using-entity-framework-core\u0022\u003E\uD83D\uDDC4\uFE0F Using Entity Framework Core\u003C/h2\u003E\n\u003Cp\u003EFor production, you should use a persistent store. In this setup, you no longer need the \u003Ccode\u003ECodeBeam.UltimateAuth.InMemory.Bundle\u003C/code\u003E package.\u003C/p\u003E\n\u003Ch3 class=\u0022mud-scrollspy-section\u0022 id=\u0022install-packages\u0022\u003EInstall Packages\u003C/h3\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003Edotnet add package CodeBeam.UltimateAuth.EntityFrameworkCore.Bundle\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch3 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-services\u0022\u003EConfigure Services\u003C/h3\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services\n    .AddUltimateAuthServer()\n    .AddUltimateAuthEntityFrameworkCore(db =\u0026gt;\n    {\n        db.UseSqlite(\u0026quot;Data Source=uauth.db\u0026quot;);\n        // or UseSqlServer / UseNpgsql\n    });\n\nbuilder.Services\n    .AddUltimateAuthClientBlazor();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch3 class=\u0022mud-scrollspy-section\u0022 id=\u0022create-database-migrations\u0022\u003ECreate Database \u0026amp; Migrations\u003C/h3\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003Edotnet ef migrations add InitUAuth\ndotnet ef database update\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003Eor\u003C/p\u003E\n\u003Cp\u003EIf you are using Visual Studio, you can run these commands in Package Manager Console*:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-bash\u0022\u003EAdd-Migration InitUAuth -Context UAuthDbContext\nUpdate-Database -Context UAuthDbContext\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003E*Needs \u003Ccode\u003EMicrosoft.EntityFrameworkCore.Design\u003C/code\u003E and \u003Ccode\u003EMicrosoft.EntityFrameworkCore.Tools\u003C/code\u003E\u003C/p\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022configure-services-with-options\u0022\u003EConfigure Services With Options\u003C/h2\u003E\n\u003Cp\u003EUltimateAuth provides rich options for server and client service registration.\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthServer(o =\u0026gt; {\n    o.Diagnostics.EnableRefreshDetails = true;\n    o.Login.MaxFailedAttempts = 4;\n    o.Identifiers.AllowMultipleUsernames = true;\n});\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022blazor-standalone-wasm-setup\u0022\u003EBlazor Standalone WASM Setup\u003C/h2\u003E\n\u003Cp\u003EBlazor WASM applications run entirely on the client and cannot securely handle credentials.\nFor this reason, UltimateAuth uses a dedicated Auth server called \u003Cstrong\u003EUAuthHub\u003C/strong\u003E.\u003C/p\u003E\n\u003Cp\u003EWASM \u003Ccode\u003EProgram.cs\u003C/code\u003E:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthClientBlazor(o =\u0026gt;\n{\n    o.Endpoints.BasePath = \u0026quot;https://localhost:6110/auth\u0026quot;; // UAuthHub URL\n    o.Pkce.ReturnUrl = \u0026quot;https://localhost:6130/home\u0026quot;; // Your (WASM) application domain \u002B return path\n});\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EUAuthHub \u003Ccode\u003EProgram.cs\u003C/code\u003E:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthServer()\n    .AddUltimateAuthInMemory()\n    .AddUAuthHub(o =\u0026gt; o.AllowedClientOrigins.Add(\u0026quot;https://localhost:6130\u0026quot;)); // WASM application\u0027s URL\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EUAuthHub Pipeline Configuration\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.MapUltimateAuthEndpoints();\napp.MapUAuthHub();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022blazor-web-app-setup\u0022\u003EBlazor Web App Setup\u003C/h2\u003E\n\u003Cp\u003EA blazor web app contains two projects that includes host and client. You need to arrange them both.\u003C/p\u003E\n\u003Cp\u003EIn the host project:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthClientBlazor(o =\u0026gt;\n{\n    o.Endpoints.BasePath = \u0026quot;https://localhost:6112/auth\u0026quot;; // UAuthHub URL\n    o.Pkce.ReturnUrl = \u0026quot;https://localhost:6132/home\u0026quot;; // Current application domain \u002B path\n});\n\n// In pipeline configuration\napp.MapRazorComponents\u0026lt;App\u0026gt;()\n    .AddInteractiveWebAssemblyRenderMode()\n    .AddAdditionalAssemblies(UAuthAssemblies.BlazorClient().First());\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EIn the client project:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthClientBlazor(o =\u0026gt;\n{\n    o.Endpoints.BasePath = \u0026quot;https://localhost:6112/auth\u0026quot;; // UAuthHub URL\n    o.Pkce.ReturnUrl = \u0026quot;https://localhost:6132/home\u0026quot;; // Current application domain \u002B path\n});\n\nbuilder.Services.AddScoped(sp =\u0026gt; new HttpClient { BaseAddress = new Uri(builder.HostEnvironment.BaseAddress) });\n\n// Optional if you use external API calls in your client project.\nbuilder.Services.AddHttpClient(\u0026quot;resourceApi\u0026quot;, client =\u0026gt;\n{\n    client.BaseAddress = new Uri(\u0026quot;https://localhost:6122\u0026quot;);\n});\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cblockquote\u003E\n\u003Cp\u003EIf you want to use embedded UAuthHub in host project, you can register server services as shown in quickstart.\u003C/p\u003E\n\u003C/blockquote\u003E\n\u003Cblockquote\u003E\n\u003Cp\u003E\u2139\uFE0F UltimateAuth automatically selects the appropriate authentication mode (PureOpaque, Hybrid, etc.) based on the client type.\u003C/p\u003E\n\u003C/blockquote\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022resourceapi-setup\u0022\u003EResourceApi Setup\u003C/h2\u003E\n\u003Cp\u003EYou may want to secure your custom API with UltimateAuth. UltimateAuth provides a lightweight option for this case. (ResourceApi doesn\u0027t have to be a blazor application, it can be any server-side project like MVC.)\u003C/p\u003E\n\u003Cp\u003EResourceApi\u0027s \u003Ccode\u003EProgram.cs\u003C/code\u003E\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Ebuilder.Services.AddUltimateAuthResourceApi(o =\u0026gt;\n    {\n        o.UAuthHubBaseUrl = \u0026quot;https://localhost:6110\u0026quot;;\n        o.AllowedClientOrigins.Add(\u0026quot;https://localhost:6130\u0026quot;);\n    });\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003EConfigure pipeline:\u003C/p\u003E\n\u003Cpre\u003E\u003Ccode class=\u0022language-csharp\u0022\u003Eapp.UseUltimateAuthResourceApiWithAspNetCore();\n\u003C/code\u003E\u003C/pre\u003E\n\u003Cp\u003ENotes:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EResourceApi should connect with an UAuthHub, not a pure-server. Make sure \u003Ccode\u003E.AddUAuthHub()\u003C/code\u003E after calling \u003Ccode\u003Ebuilder.Services.AddUltimateAuthServer()\u003C/code\u003E.\u003C/li\u003E\n\u003Cli\u003EUltimateAuth automatically configures CORS based on the provided origins.\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003EUse ResourceApi when:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EYou have a separate backend API\u003C/li\u003E\n\u003Cli\u003EYou want to validate sessions or tokens externally\u003C/li\u003E\n\u003Cli\u003EYour API is not hosting UltimateAuth directly\u003C/li\u003E\n\u003C/ul\u003E\n\u003Ch2 class=\u0022mud-scrollspy-section\u0022 id=\u0022how-to-think-about-setup\u0022\u003E\uD83E\uDDE0 How to Think About Setup\u003C/h2\u003E\n\u003Cp\u003EIn UltimateAuth:\u003C/p\u003E\n\u003Cul\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EServer\u003C/strong\u003E manages authentication flows and sessions\u003C/li\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EClient\u003C/strong\u003E interacts through flows (not tokens directly)\u003C/li\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EStorage layer\u003C/strong\u003E (InMemory / EF Core) defines persistence\u003C/li\u003E\n\u003Cli\u003EThe \u003Cstrong\u003EApplication type\u003C/strong\u003E determines runtime behavior\u003C/li\u003E\n\u003C/ul\u003E\n\u003Cp\u003E\uD83D\uDC49 You configure the system once, and UltimateAuth adapts automatically.\u003C/p\u003E\n",
   "Headings": [
     {
       "Id": "using-entity-framework-core",
@@ -29,8 +29,13 @@
       "Level": 0
     },
     {
-      "Id": "blazor-wasm-setup",
-      "Text": "Blazor WASM Setup",
+      "Id": "blazor-standalone-wasm-setup",
+      "Text": "Blazor Standalone WASM Setup",
+      "Level": 0
+    },
+    {
+      "Id": "blazor-web-app-setup",
+      "Text": "Blazor Web App Setup",
       "Level": 0
     },
     {
diff --git a/samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub.EFCore/uauthhub.db-shm b/samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub.EFCore/uauthhub.db-shm
index 3490745a1d6fba8b0dd9351709332192d43642f9..274b15c6cfab2fa0da1255837b1300c217392e53 100644
GIT binary patch
delta 842
zcmb7@TSyd97{~wLOf&6HTdw&c*owOr+k;&o2tqPfiXe(us0|FFh#-q1W5FQEWub?l
zmpBkTL{Jby47hr%tn9MgOEWdww2PJ5{eH2lY2VpdaG{6jz;F1z|Nno!GiP98F)bF;
zYV-T2L9Jqj0B;^Y7IR%S*Q=M7?QDtH53X5WSvR?}MjlD@$^QS%tJ!L)xg%N2QPEJF
z)WQZgCR4~1F@7e%sCW98XK^Nn@iGO>B*rJIX_n#U$`W%Zn5$-}T(+Mlc2oXn#;-gd
zQ^u4t6-@R%pV&nOqxsyw@-n3Nmbzx58}HyE?gAvbL$=wD7tlzA^lf6e!ZvT?J=__)
zYrbvW#7q2uPI)R46+;VbGldVZoQUjLm?HBIK4M%(XkWxa4?e+@5!#lNkh>noa2ogU
zQ_#|bW-mTtykmQcki-KFVhB0vgaaZPj_U~==lZZ~HtymJCOA>UkMrnLy4<=fqFER4
z5MS{d-t<1XWkp2O8_=u*VsmBO?7%CGQQjfBZ)HUDoIxk<<28Q4Q0jiUcU1}LjX04W
zxnVVLmpGYj)~{vfA|A<*K81`Rns7=c*L9M936C9ZDvqKhU5bG!TfdC{bR(NLmJpp4
zA-&F+hbwp@_iPGlbWRC+Ij(XjNV2IqMRd)n8>1;Qu44eh+!vEf)TGF2#Z!F42y)fU
v3&}MdU3df2`3|CIyKT1N8UGLL2FNu7x9}EYGj3{!ZQa0gd<W4)b<yY_0`cN=

delta 440
zcmZo@U}|V!s+V}A%K!pmK+MR%Ag~Td`v9@RffApCS<n5?+xLI|Jl%9&fq6yJ<j%7n
zNL3Fs3JgHz{zn2(;f?hNnKoZxxn{lj0m~FdMuW{4Su`0ZUvXSB`4UUr<bO_UHeX`V
zV4Qr(1tRdr6(X?tg8MZ_u+-*rUNF`fUmc)ImKBVqU{e?sCSPP(Ik_aT2`p#^5mW>T
zZY~N5V*-h8E(nJ(Cg(+gm2I984V9S|2Qh7PRsvKcBUuMxC!;#ptjW*PAg*E5fbgGW
yLS45b8|o5!u*BwVc~HIsgukT_=H^W$FxG~0D2q`KV%m*rsOkC;{<S)A7ytnL(5+tp

diff --git a/samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub.EFCore/uauthhub.db-wal b/samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub.EFCore/uauthhub.db-wal
index d3a275a65698a55dc74f5ad03e7be06c5ca87321..4eab4800b98de9c5d438e4baa2cde7df4bc73875 100644
GIT binary patch
literal 1133032
zcmeF)31D1hz4-l^Nt&f?de|c%noL=mwv)`hgmp4Y8=9nT7HEq&PLq>nXfl(|OxlJ;
zO<5`k-iydpyei;T(H9h4{-Rz*y()@=fLD;~dclROpn})!is<`1GdY<vlSwkumYU^z
zXou#U=Q-zjKF>2JbAI!j^LXA=b--YG=2Zs6F$TFDxc3jyz8!a+?*8E?ZaseY&;CiQ
zGV0fl7^|!AzWIiMo~<3RwAwJ3NRC9)4GxjpWHMaP&>+&9CjZK8a*_EfGylrIWcH`~
zx!6BVhUV*<>ckeKa*jd#VL<=^1Q0*~0R#|0009ILKw!ZMO!$q}^){RFfF&K>Ijlw^
zp>StxS2CK8CE}@$ME~yTYfORekiR$7(CcsO2sN0eCongxsaxJ47IXW6xuLzQH?$$t
z-O#nUx1p=AqoX0PxvQtQ+b`BPn73?-6wAM*yS>xjy}e;mX#4ufUG>IB)Koe;GHPz<
z4Q&&<n%rI8@+N_vxz5+(1#da;@(-^0$jVdYHTz^JVZpTv1x5e?1Q0*~0R#|0009IL
zKmdV~1@htoFCG8no8Rhu=$Pzx`QJAv-!FMTBt!rK1Q0*~0R#|0009ILKmdVxBXGL0
z!m!zHwYx1=r^W7Quz6b@-d3BV+39gQU0&xptF_f?6~)cFkKhA$uWh~Ht-pBZ9QP6E
z?;DVD1^v&Z-$$T04Hc_aiTemvty=ZVc>_m55I_I{1Q0*~0R#|00D&beFtN>4UGMQ2
z4{R<nGJaz$l};qb^T)1FuB@1CeEejZ+z|Px(e`qzeBQ|R*$2u`?Wo9D`7O!Bz*v9!
zA~l&3!}tq!D+bKBS5(zs>M<H(@d0&zYR|B^dp;5!OD8fv7YxYPYHBN5S9uLwBRk0=
zxsRYi)<wIIV9Rf>{QdEctA59Q1X6_s0R#|0009ILKmY**5I_KdMK2)Z9F<yJ;J(p`
z51an_qi-yi)y_VuaM1%$K?D#$009ILKmY**5I_I{1eUNs-hBicUwY=hes|@X*UWJr
zL5I$(Rs8#q?ju+xGb+!^U2RfcQvRsCs64;?M^zuKx}@^YRmW5eR({!Nu4puTPyBbJ
zmiA+38#U7BA4?BK`ci7LeL#(;V}mg<`Xpj2y85`QuUwUR>g2)InXxt5L_KOs4p-?;
zB+{wrYn1#^HPaL1hSZeu)X8G`bt7pS{C&Nf+q=XuJ40Q)+A}C+(WVX4(Khy~@n}3<
zFxW=hC|x$G<1=gxB-LnI9q`YXdvqXwyLgPIw&!kjZ(_GTuWnn9+CP?zrN^fR0u?@s
zQ`^a03G|Qb^lyqx$BSfZAJK&Ry4tt)g&NkFCso!rm?t+iiSb7PrK<j7+f3t+itK%|
z8|iz<F$cD-tgc_Z+IY=AT_5UB46Bo!C-cv`V!bA_CBM7OI`Ar6pvhdiPNM0}+VWk|
z5p{-U?~)Ui496~42WClhIDI3i4y$?nO4m1LY;w^)uDYuF_SLhuPliK#e`kJJb>PJ1
znGthWw->a?7Bx8%%e=XDZKGScVy0HorOCC|tlY9BGrmQ0yDQ!z`fe_sOq*->T*j2S
zLDvHcI(X*LqO0eUn`L)zUorQIQ<giIZR*5XuzKZ|+N%0>>x|noz>_2QQtF;DHQuil
z{J1<1wP53#xagMaMb4&cYHO<N9S-9`pT5!5!K9iR>J?{}xYlI)RkeBhHcvw7Q{<Yf
z^s{ky{toocMNh|>;?3CDvv!kA){W8BQ1Omnp8b41c^;ba(1D?7ES}q{d)IZVqr=gD
zb)ap0S_yQi=6cVE_K(Iy`^@<JVz%E2v%T-HX{@TQKmUB=!L7Q!uqB#G?MoyFM4>Xj
z*rUUfJ)+2l>SFz(NV@#qQNqc$=st8Eq@+{vT#eeFRMWHciP==AwTP}Ywco-$MV?-*
zmAfOFN{iy@J_6`>kQht$PyG_nZJ4W{^v&|Q;ZT1!Y^|=USI?jQcSDiZ(tcAE*;I4w
zah28eE|>B84Z3b8KTgWek^PxRk!Q~^`RkSy>umW+%I;@{*^h7+>rae|cAV)`SneIx
zJD!(L*W}@7Y*==av^p}H7Qc*U+L!E5T3YQKr`wHuvb#FaCwzyCZ0#1mQRE4xTaD(m
z!pw*3R#R$PW)sh7pP?6LlFar#$s`Df$Ig$9%(jc!PMn!t%#EYHBWF7oZdg`Te~D}M
zexBc3v@V{%wu<`*GII$m()$R+#kKQn@$%ZW;^l->#LMxk#7o|N1a&7@MephS^7pgP
z9emQDJSkGJAb<b@2q1s}0tg_000IagfWQJ0SYxc%bh3Qrpw(%!+pR8_%NJ>n$I^Yn
z>DY+)+E#{xY}RILvrAMe^IgAoAHnDE+U#iB7yhukkHDz>$RPf(Ab<b@2q1s}0tg_0
z00IagfWSf&Fjs7<og+FRswIc>Pd#_=q4V!IzWa*5Z05Ox3$ei|GXe-8fB*srAb<b@
z2q1s}0%Z$S$sF2vfz8jnc=GMu|NS!09W2|C3<w~A00IagfB*srAb<b@2rNW_YFTJ4
zE->)x`n$f`@zTSL7g&f*NtqEq009ILKmY**5I_I{1P~}&pho7<;sQVX`q@8mJ-YFC
zj29@|kqihRfB*srAb<b@2q1s}0thTbfm&H;EiSNY??b;n*MFLy@d696DJe4o2q1s}
z0tg_000IagfB*tz3uJ}{XmNqx|MvX5kL`VGJ#m4u9m#+I0tg_000IagfB*srAb`L^
z6j&h(t;GeN{o1Af*Ky`KKP4`(5Sx-RBY*$`2q1s}0tg_000IagP`1EInL~>UG=8l6
z*jv}U=7T(6plnAnAb<b@2q1s}0tg_000Iagun+|@Lj$z9!2fJ{^0mz$t+;^k0t>Mz
zDKi2HAb<b@2q1s}0tg_000LzTtdcpjxIk*>@fUx3;DDR)0%bdr0RaRMKmY**5I_I{
z1Q0*~frTib$U<vzfscRg+MmD8ki3=g0t>MzDKi2HAb<b@2q1s}0tg_000LzT93yjR
zae=k5zr8$KdERRoFHp8484y4K0R#|0009ILKmY**5Lk!;$I3!$ae@E)&zf%~pT5P+
zc!7o3l$03(1Q0*~0R#|0009ILKmdWV1&)(Bw77us*Kb^%x@E;3j29@|kqihRfB*sr
zAb<b@2q1s}0thTbf#YSNwYb0wKVEfk?U3!eb&Aul%DBs*oU>}xs$Z_K)_tw!v&(-}
z_0g(JmIW&RT=CwDLE|o?+3-E_-;r9{kFBb|)MGTn;sfgb)Sls3T8%`<(uvrSI)K>E
zjK`42jP&`((nFEHl$vZGP~+*?U`$P>BDSKdj|(VO^%vWU6j!&a9yOJUCF0$QM0#pJ
z`gO-#edVg^dYjF7aCJJmb6CwDNuOf+8YR#j^7n=sdi`x3p$7Bx1m=b{b;}#XVs0NW
zH?(*4hBkz{8@e|4HgxrMbTkAuclGpk`^EYO^OjAMb=Du!+_0s)z0=>ly<t;mdxO8P
zcXNA}IA&+4t9Sk6j%9`9&U-`K#9k-&tZnR7<I#9}hK&+;lR7@b)<9B?rqu!ejJZb#
z^0$i$X@~7r_a=7h^Xj(ssQqKfSbF>-(Vn6`rmJW>nJa-F&tD8LlC6D26YA?~-`W>y
zSYw`4S>Iru+|*RJyvbEpRo}jP_CC~|7*?k`Pv(bJ2ez%Ou3x>{c+EatugPr6_J+(q
z>x%W0%$EEPlGldCd&guhUANG@W^L=P=!iN)Lw6;TBhlg5<?6sJi4LbX1l3_RuP5nx
z!;FnATBLo&3@0JoyIOK=QIjLF%$qx}ZFH+w9yoD%b-l-9yt=)hm2`=6?WJ3}Vy2eU
zrOCD7tW6+`I^!EPx4Yu4r0?ugXNrQ#=btR{yLsl&qQmQsBRl<;+N%0>>x|noDwF5=
zl)7h3jrXesKQ7OcDA>3rF8bGck+bQV+M4Qmhr@W#r<Ya-lWJ<HSDX~$sYz%3s@lAL
zPo77+^(k`3rJqO(cA$I96hD(@iZ^2m&Dyq^tQ(`Lq2jG)p8ZridB&gd(1D?7ES}q{
zd;4^&qr=gDb)ap0S_yQi=6dsn_K(Iy`^<Q%pY3!$+Z*_r#;WT2^UpUP+^XvfTcWAd
zzC?0B6e{zJJvuzuBZ_ROF4ixKq|5IeC7eZz?nBo>N;;>`)u{bRH9bq8m`!zBi|ATY
z`vuyQj*g7Z(BC?uskA7b?zgvo2Z^y{|I}{--G;gPN#88L@(=YSzqPumUOj*IU%N$G
zOZy~PWK+$x$5mF>yIjWWH|V;Z{5UB;NA^e4;!{WV9F)IqS+UNRpQP-5R+#+=cd`D&
zsA$K+kCj^I&Ar2V$Me$Znminh4a;tlR!2tDshRgBJCv4I>vOu@bR_!4=e<7RJ6vRI
zxA=`BPcYqTG_MtAK3un&QqwY<nwsg8Lng^=?~_b|Kq8(R8=2vakV!Gyi8GU6ZXE3$
zIor8#!?LRSOI)+}^ZeeTb@BYQRTJAxnU69DHfMTwBoYdD#&#t$-8!`~mP#j*<3(3i
z<oEBQX>uKWYM;5^J2PCh%&?;(U42V3F)-Gjo?^;7QOgf}6|;TdD|(!Wt?24XaeY}M
zuT>}f#>_?C0ZS1r*=zH&%QdFioMeI=lC&v&_Z5C@pMHS6&uQA5wKp~*`ug-Ux?mC2
zI6>A$iwivS-glUv`L8d$Ebk*&X&5rBc&7I0+JC9OtG2W9>FS*o2P@yd@~nyr#D*iZ
zT-$d_b$wHl@dj0QKArr`GWok(`{}fNyX<LJ+gP4kVP0K-D*o}U%ui8A?@D>vNvhz`
zvwaXKIJNlGncvZ~UN;BTy|LV{_kv>uhNH0&ah}h6>uG(kQ#7!+sE^LDdFp*z*yShl
z>#tG51sCM0{NP6B6KzVnK%e@28{XU<YTwY633lkOU$g{G4c(z|s5{gZ2=x?%Te5o;
zT}*d%pUbwnt05Tb2#HWlcSuBB+5^4feHA*ns(!m;_EYj?r^@bKJ0s_<eD#4>om4F^
zqORVhdwa;whM7zCY&V|z@#JD}kg2V?cgU<)8#4XOfty*cGyUQ^c~@Nj`!K(Q=-Y7W
zI#X9Z{ku?4traN~Q^{Ox%FD}h>#ORwuA5zWYUi5n)QVHCdE*J0llS#!708NTB!l8}
z%jC&NX3*Bu&*ZBm$Pv%^i!Il5xy-uyYww!FXsXHm&fJ#aSTdE?hh_Aixx`1Z88!uD
zDREsmKEu|wSTa2n6u~>~eXiT-22})Cl0`PO#S%r<c0}X5#-h85?MePZ+mVPD+Y}fZ
zPLCyvZ7Dnh=}PvGxHt)%ICorG-~04kSnD&dx_b3-nah!DV+FmqBQ~h^kN4;G<J`Iv
zXX?qhB!|?O_1TYXZx$D%>9JX^Aqsw%P5<bmy`%mSO}*jxxj&!Frq1!{8#}l5q$BvX
z#?@~;Ci7AM;Hd>YNB5OT?j)sKdF)JmN0;W1I!|8yBinllu2J)UEtxNh4v$TpFbcNi
z0@$;qYENxR#zvw^@qNb(pI^*#^*iwaNPZ7hJgV|a1V@g@_gV)pdQ~PO`!@0ZEc{+8
z`?)6Xqjq-Hsl|Fw-shhD{!>U=cokIS5P6qD#Xr((AK;3AT-CnUDf(IVFn%k~)eU4U
zq(@cbGsa8(J5!0_v9vnvgTL<AS@u)<w9g>gDX@eO@jdbAXlf`i)Aw`!{&Z}wI_;uJ
zSA_0_IAM!Ri9ljZen(i?gj!L06Jz~DbEGLawU=_4GTT*8IaeBmU;RyfRL{15WU2=h
z`SMTO)-+jD{b%38>zB#B=5=G)|E8{Cw9YuwC5-k><IGnuncazZmF@y&DpS$x7jb!i
zqP)b{;sW>n*w*2y-?xS53ml=q2fIN40R#|0009ILKmY**5I|sl3!Eg2r^N-%ec+cb
zeCA_6{Tt60nBR>?=@38w0R#|0009ILKmY**5I8~t^>RO2T;K<HJoA?~e(<te882{z
zblD982q1s}0tg_000IagfB*vXTi{i)cv@WGldErk{fcKhE@r&I{BAT#hX4WyAb<b@
z2q1s}0tg_0z!4HSS?))R3pCu{P!s;Tavb9Yj*u?9K>z^+5I_I{1Q0*~0R#|0V15gn
zB8#WR1wNYI`ux7jf4GtH0`t4kC>;U_Ab<b@2q1s}0tg_000Kuy;8eLEEiQ21UmyA7
z-(G&Sn(+chNSECpfB*srAb<b@2q1s}0tg^5zXe_`i>Ji})X}e>vi+fh$1+}Eem5GW
zLjVB;5I_I{1Q0*~0R#|0;0OtvCikPo1+MH}8@%bCT0g~jfg_~LZV*5K0R#|0009IL
zKmY**5SZTruaU*m;sSLSKRgus<BxvFc!BxdXp{~C1Q0*~0R#|0009ILKmdUwB=B0f
zA1yAh>e}}?Zv6OtAFHc*$Z(9oZKzpQ9jv-_+2fT@RIaSpYI=+DYlf!{Ze{bTtLi?s
z^5vDG6{+RlSbkb<G+UO5HD^@UU+geW^u*!=>i+g^kv{)edMMJZ4kp#qP;X+l8c#)f
z)p#_Xjs%9Hv3UDHkrYjV?vTGX)X?4)3~g&Lm$Vym!{)9AbCI2y8`hY!M>MZ*Fi#%T
z+%yqAy}Ewi`Njh$=NENLG?m(yNDc&&>VO(g$D+ei1@23!$xZ5bB&ZInX?4J#&K|8u
zjx{q>ph!|pW7^L36)KW1zgm;IWeulFC+c{?>gxLb^Nka`%dO*#H9PB&Yj#NWX_^R|
ztLt}(Dx^xTLbtkC^t0KT=gjgeF}2gOs*%gpG~sQmuHP;yqLy3{?Y&W?_0O2BL0?z<
z*1qX)lp;B_e%3xvRt-dQ(FP6Wwn1qBXiU80XL*a9UVa-)?X;{K<Z?AljK8*~exkx<
zJP^un1bLE@Z}$FZI+loQRN7mzr#~^OMsg>F-tkd2`v%F+w|e$Q$xmF$LG<;^&pqS2
zKU3DsiEirrC5tN>(f^w2devo|7%RK##p-IFq51NQS+tUeT&t#u^{0vVkf_7OWz?Zq
z=^GEF^yQYjX=1~xtLt}*;$Bfoal6%&n(kKjjHxNzFPD7JhO)|CxW`f}FfE@rd7WBa
z9~Cv(RZ2}d68+-*+b7;n!^QAlQ&uH(J1e#P`YcTbL&cT#O-;rd)O2*`@Z|fpM@^-~
z8$FdRp7zselLhPbw{?WH&l1{3@s6uo-XIpUJcG7(^@cWtx*NJS_cnC(b#ycYHh1;(
zcKgNp2J@CplOKC>dAD@8clx`xH*5-RZ}9i^Zf@_I@HGok&ot8R#IU+WO^(E}CDh(Q
zxmDRR7bLUKU|NuD`rh=W1&Q;|F}VVWbIBS@=^yhZ&!UsX)_)MR%~WW8BCW{UC!Eqg
z=4q)#QP-DV)Xe8o?YC~;XI5)DMV;JD9<9Dg`LJ5*risn#s_PRD<AK`zH(6dmG>%NJ
zjnS0+Y@PRUCogqN*~QM^WjR%lIpr^&sq%<^;#yl>e~Gvph?P^LB0Z&fvK}*h+{vr+
zG@-I9(KONAlr8rqC6s&eO<uIySjzFA+EIxG&ZTdf=vb5OIu#`pxLX|^j`phqZR1m&
zs0jJ`a*AGLmnBxBSWfXyIIHw`!qn%xS>Flk%BfC~U6xp#shoxHgyu6#?@?1bDbg%!
z52+qymtOqZG&IO-dMz&SiO<&V{?|8KU&nX>sltK)0tg_000IagfB*srAb`N47ig3<
zoQexXK5&cweNUQ+3oQC}r-BF|fB*srAb<b@2q1s}0tiR}vwYFw0_q9pt^3gXHot+m
zfK*{Y009ILKmY**5I_I{1Q0-A(F?4WHPqq)FIS{Kx$m;?{*k!AqHlL9hyVfzAb<b@
z2q1s}0tg_0fD|}gzG!iQxBTFtyWe!_^+DnSQiTNp1Q0*~0R#|0009ILKmdV7FK~ve
zp%xdo`Y)fnrKa*@Yl#ai`gW&+2q1s}0tg_000IagfB*srNP#ouixwB~9>3zbzeJ9&
zAub?QSP(z}0R#|0009ILKmY**5LomAXUQ6Bae<G#<x0o$_`4q<F0km^oeCm=00Iag
zfB*srAb<b@2p}K@*2otvF0lR+z0aNS@4kD83rH0f1Q0*~0R#|0009ILKmY**7QH}|
ztf3Yc_+fqDEvKBl=@Y~S7Ja)@K?D#$009ILKmY**5I_I{1f;-P`J%-I9{knM?tZKC
zek*YSsltK)0tg_000IagfB*srAb`N47g#52sKo`|dyD6jJ$u$x5f@nW?M?*|KmY**
z5I_I{1Q0*~0R#|`0_)|A78kh8{oJ}Wo34KcaRI5qf&c;tAb<b@2q1s}0tg_0z@ith
z$Qo*Kfk?{@xBROAUp_}%V9~cb6+{351Q0*~0R#|0009ILKtKvK%NH#!@N?H&c3YNL
zK1EzWs<0q{00IagfB*srAb<b@2q3WN1zKbcwYb0|C!gs!@9k^9O<Z8nw>uR?009IL
zKmY**5I_I{1Q0+#3RvZf78i(gKfHVFn-~0*xPVk)K>z^+5I_I{1Q0*~0R#|0V9^WM
zWDT{rzzOf@z9n_qpW28EEc$k*f(Rgh00IagfB*srAb<b@2uK0De9__p-#+{Pb;=W8
zF%TD!Dl7;ffB*srAb<b@2q1s}0thU60f(%i78iJ+>g%7p=x1L$iMYU`Z+9w)00Iag
zfB*srAb<b@2q1uf6mZHHEiUll6Y*WYNIdt|I<fB9%C{S;KCtZnmUUIWUD>kgkyU5b
zrB^<@vT?<><sYs6d+kuoeKp5d@2&WZ>1W2j88;gC%KaSPGO;;WUBBCAJfOtl1M2?v
zZIM3zSb8YZmr|2kl8M3Cu$qeWs_|$%omsa@9gj?|7yq1|wmr}t^7n=s`nuY;_JtbS
zyMm!@4dya;Yi`)w)nJ~!b92KQbG9tz^<ujyq9}v>XRbu%rU^%&x_-OMIH69jQAcc0
z?H})-UZ>o#a!EGMU6owo0;9qj<PsLIL(@cmTXp@o$9Q1%^isDEsPS}cFs3G_HAV0E
zs2XWcZAr#PqDftI=(22>tVXe>&?PIVKqP<9h4s;8EM6heC~^<7ai)qV+GeZ2x;`Ol
zSzA^ur}mI*CS3u-hgQL<ogPZva+#YZtQS<*U*a)NTvAS*iq<4_NHr<D{7n<l^Q-H}
z=Im?}zUJ!ssHoYl{F-$qhSe=<awL{Y#S-zUKABsUtz1De`wW#UNT&6}+}`x{D@dH*
z_jFmBCe~Q0>o0Z~CwdCXt_~*E)KG6?x0);Y<e6l$*!mQ<nF_5>q!n2^A?eOu-THL-
zrPWf4qOLE!sF{Md4-_e?wVa|(?k10R=Avq;n<h4|6YpQgwD)gbH8qY*u8q;uP^4Sk
zE4&B%=_18$DZAMDyDX;)GN(KvO_fKSkxn_gx_)buabiP$Kj~5PJNHzUY!$T47tBz4
zZM$YMm0e$4Em3~I$R!npYb~j8q5Y#V(W^CIZNKN2Sh%U|a~Cd`v}wZS6K4k@H!{0i
zU?>`kw+|F{0<Dnel~~AWyP3PNlUWK|`~+`xeWxh*`6ZP*zrD{bue7C?v1wwRr@Fq+
zW}LXRXtBBziS*Q&Ht&2j37JW7&Sdds`1GYus`X6mG^9Ie>67L6O)arFXSu8Edqios
z&s|zsGVP3|-}Tw$7dE@ABC46%=a+RdZPP^9Rb3wwzX`4?TGUJ@DU^)_)xEKPwV>45
zq^+}ef!X(0r0CfU`DNFf#koo=i8xiQaTfhOF=<-#z<Iqlo5FVp<u9|?O%rE0L}wP}
zn@cb+(m%2#^_El88M{U?->JUQV$YI_Q<VPdrzmM=M@74Yr=*^oEr|BMo7`K8vRdk<
ziPLRDcJ;K=g#2JM)r-3l$&u)A>~eLWD>|Z1{?e5R+_M*SmYwL!nMs!4Ve^kD`l`WN
zU4O19rX?RX?+BV@W~Hl)qO}jqQ5=z=X~NPXt^>uV*NdkYA@@mf%1jnQUm#r)#|-^Y
zX3-_nS~k0<!V>Bd=F?3kZxYw>E_p4l#RY!zh4fEO`^;GvGG5^DA{^vK009ILKmY**
z5I_I{1Q0-Afe5%|IkmXJ{*PR6@ZEO|e1o{a0%<*pi2wo!Ab<b@2q1s}0tg_0z~Kpa
zWOgkspuTt4PgXxL@fzX+hlfgT1Q0*~0R#|0009ILKmY**7KngXmQ#xhw4PYG>qkFZ
zdk=Ae1=4yH69EJeKmY**5I_I{1Q0*~fx{E<$?RHOpl9_Bw}0{G?{yOwI6PExBY*$`
z2q1s}0tg_000Iagus{S_WjVFDz>nYco$BxOBu9x0ERfctm<S+%00IagfB*srAb<b@
z2ppck*)qEp7ueDB$ZMbe@%w*4T;T9f$&CO42q1s}0tg_000IagfWQI~I7gOKiwo4O
z-m~lY|EWEJxWEEwJ&K6{0tg_000IagfB*srAb`N(37jjlYjJ@`4VxqB5BGkbxWM6|
zk{ba85I_I{1Q0*~0R#|00D%P}aGoru78iKooE-=MWA`oZA}+8%T90BPfB*srAb<b@
z2q1s}0tg^*cmn6k>{?u4%odG2_MU%fCN6MzsN_Zf0R#|0009ILKmY**5I|so2wWh`
zsl^5Uz3Kn$+8p@yUx^DWkk+G^2q1s}0tg_000IagfB*sr9G-w*X4m2ZSH!M<ZTpo6
zpCK-Ac&Ow?009ILKmY**5I_I{1Q0-Afe5t8a%ypbTi(8-y5;%DE+8(jKw6JtB7gt_
z2q1s}0tg_000IagaCia%nO%zuyyt5Jw}15>(;tZo93CpU5kLR|1Q0*~0R#|0009IL
zSRevHSxzl3@WE3b+x3+_!2#j|3#9cZCISc`fB*srAb<b@2q1s}0*5CMlG(Mmz<2)i
z^Pe>Aed;pe0*8l6ZUhiO009ILKmY**5I_I{1Qv)uSe8?Z3$$Fb<>3E!-+e>G1r|u_
zQA`97KmY**5I_I{1Q0*~0R#?DV1vxA#RaY~pY)S=zxvqohzlGZD!CCr009ILKmY**
z5I_I{1Q1vt0vlyHwYb1<KJy>DhQ9Lg4&nj}r1dB!0tg_000IagfB*srAb<b@hbPc3
zvukmI6$d@Hf4-$TNnGIYP|1w|0tg_000IagfB*srAb`LE5x7v6Q;Q4SKlng(Yu7o)
z5Eob=tw%8tKmY**5I_I{1Q0*~0R#{@Jb_IzyA~I?^nxAM$Q8$R)QNQ~svj{ZuUqwj
zy8l}Fhm~zB;>+Js`<+@t&5&5lf&c;tAb<b@^Ic%#RpILT&FhR4fmnP%-QT_~(&ryb
z4@LS?YO*^qtfnHpYCIZGXI5-d#|yT01iC~1-cUn(S1`1#!8~VnbHnDY26Mqq%nfVI
z*`t`(i;d#Q;y~u6i4#NB^_`+<=g(0zS<d!>f}LJiYRR&>ODNc6!lsGM!Rq?mHsb+h
zdbzeF6N9noYLUtHd4O8l_Q{g=b+vEpD^95;EocngZVSt=<tT0|m~$l((vCoN{dSje
zLY-ctj@Y2uKi)sRPC4&fl8tj$C6~CMGKDqBB`jWtriuQx>iThy@xbcorEVWk<LTI7
zOidPc;7ITIs2XWcZAr#PqDftU)@9i+OW)BYE2u!ho(t=v%UHZZqETeo<a=PMc%p5#
z`m5^`qL#H~)pBYNxn|N8Abe;QoZ9K3)Ge2}X~KFzb^RqC<HRN9)TwAqLWfk7vdiBz
z5k0@Ueyrrqmg!_&iR4IhICi-@a8Y!4Of6de;N0&RUAt*LuGsENu9Mcu3W_JX+Q#$5
ziA^-i6(u!GLH?rE3zXM91-mS{N`?8FCS2!M*GHR-6C?Rm=}}XuSRy{{q|mMIP3%?&
z{ON2hv}A2F6kpq}wa4V|tjN@E^d;94&-kv-<!YK}Jg2&Tt0;Hh?B$-^r}kS<JA{As
z-lQediaoWLxr>`i+9W>GbjZJ2T;PhP3kL$8{u>xCFyBAyQ9c9^KmY**5I_I{1Q0*~
z0R)bSfJy9SDlYJ=N2-2z%UAEYS&kPl9Ahvj-#;S9U?&J5fB*srAb<b@2q1s}0tg^*
zR0U2qRv0$ht#-G?>a^G$4K{D9!`o_eG&?;`r_1YHXSKFkt)fUL%3^8b1-|yxPu=nN
z8?OJTj0+f*w;IGB76cGL009ILKmY**5I_I{1Q2-T1yaW4eT|(pH35U6#_qKF{qBIr
zVhsh_EY7yD&*BdTLYA;M9JGsz`k<%H5s9Q?@m<4eBodutDHa`YJ3Kb8(<7>NlB}8*
z7YN^d&(9yf@M{;#`v{E6QwH&e1px#QKmY**5I_I{1Q0*~0R$G9z*!Z2wWS0XM71`G
zzf<=S-2LP)&yH+*c5OB;@VG&Fe1TP*;v#?m0tg_000IagfB*srAh47LnkySSYfB$W
zAgJmkmo{F&eaWj<edVUVza@Jg!H7W_S<0By9RUOoKmY**5I_I{1Q0*~fg>m|ag6bJ
zajU?o2E$pCdzJSLxP3mK&D!R)xZG`ii__~3So~pIz~Xh<T-I<~xXtAYlzyQ<pbkdI
zhSUB5F?mBQl}<*}iRA3}5xh#4MT-l3>XU)ztKWIkD()jVg6+<(5I_I{1Q0*~0R#|0
z009ILILZR@K7vvL4x(7?;_uXb1b^B2a>r*Me94rJ3p`{{9y-be=WqxhfB*srAb<b@
z2q1s}0tg^bzJPm~7>H2D4Fr?p3dDhql?T(t3yki*^VN<|H(rswkKlC%<#pv3g&YVV
zfB*srAb<b@2q1s}0tg^rFibQW>*Ndr_4T!Z&EkfEU^wItTkUO@kVo7#;I#W(7N5^5
zUc__*Hm4&PaJ#Lg-!KrBcM4=)X1PsZmQ7Rh6dotrN{b6@f9JvHY+Ek;EB6u5gAqUg
z0R#|0009ILKmY**5LmbZ@;-u6;t-;S;u#0IxWG4l7P#?!>+T-S#s!`?D9<lk14@nn
z0tg_000IagfB*srAb<b@If3IV8|(FV8pr_$Vrx*Q(8deg{K5J+o$;0TUzd#wJZDgz
z%jM@^2q1s}0tg_000IagfB*srAh2KsPFU7hQ!FkJk~Pxe0xe&@<%vzZzj|vnF7UWP
zd3?dvmx3dJ00IagfB*srAb<b@2q3WZ1ez-wJN1JCqO&goC@hh*xWKQ!HnI0pA2mOm
zjSD<xP##-)gwz-T1Q0*~0R#|0009ILKmdV-D$pXPC8#YgF0et=b!wi%w><a$9q+Y`
zda`kWM-9rO3sr)0BY*$`2q1s}0tg_000Iagu;c`+Rbu{wGUEby^AwJ~=f>c*l^=XT
z&QoYwb*q@CP`t1pfB*srAb<b@2q1s}0tg^*GzBJtCON^M(dWxf@aK2?ZSHW;X$geG
z9*Z*=a9P?yHjl;QwmaPJwou6H^Orus-}21leiw`lr(+}0v>F{t4>k8EMvAYUWum`X
zHf84kT!`}&{<igrh8w$Y{E8eeU{dZiDEBH)9nGfaSO_4100IagfB*srAb<b@2p}+{
zz?zCaV<}M*)1l5&_|QOl>-r~t9LvT99u)HwDi6+B8a5z+00IagfB*srAb<b@2q1vK
zJP<geve9SMjhK)#5KbEqVJc;w!fpSqeE-?!e%hOj3w%Y)Q>c7p9#oJbAb<b@2q1s}
z0tg_000IagfIxA9vz9d)^-+Nt?vpT;G*97&N3Xrg7XI!?HZE|dn5R&=v-n|IivR)$
zAb<b@2q1s}0tg_000OVLK#Q1nP(Ku4_Gt&Bro)`4@Z-Ne`1SWb5`JSgE^xb;r%<{5
z6|W-)KmY**5I_I{1Q0*~0R#|00D)oxRyplpIbngrou{y&`rvSD<ks43T;M%oo<ik4
z#R|qc1Q0*~0R#|0009ILKmY**5O`$;>|)YEV>wZQ<)*`)r*P+e@BGt1@cVy~^AuLp
z{US3@q4*yQ0tg_000IagfB*srAb`Mv7MNIHk(v0fu`xUGpUduO3j|$Wi$CmlSe))Q
zzs1|;4_h2QtHbN}xq>dcSN9mZImWJ^V6!`%F1N?)v*!La%PfAgY?_?lk9i6skvY(#
znRyj6FSB^gvMEa~y7h6gYah7x57E9Icb&fJ&$aiR`MtU)<amJ!<vN3M9Wxb59~J}<
zKmY**5I_I{1Q0*~0R&z-0Xh9(DY2T0SA3qr4deeE8NGPzIoY_tJqG0-W-5H;+MPWk
zfB*srAb<b@2q1s}0tg^by1>bmjg7iz4dljVR2;c^3cviW$A0?2lY9HKae=!s^Asv~
zm0m_tB7gt_2q1s}0tg_000IagfWQ$KI91F=sE-NgZr!LjqVp6!(sNF)Ke)k`jSK9_
z%u}fBIpXzUhX^2m00IagfB*srAb<b@2rNy3GUpwvC^P-x&Qti_vo3vNcx&Ya*|<PF
zGf$xsUz$xttr0)~0R#|0009ILKmY**5IC{|<xV?TQEmp);m%Wd@ZDED_1v>(MY3^$
zSZ1C=C3a*L*c$=}Ab<b@2q1s}0tg_000K)+pzKKpPpBw6%c0Fvc%p0zZ9an2pa1WA
z<C#@=%Xtb-O1(jOt9W5S009ILKmY**5I_I{1Q0-AX$d4v%ljHTYij%kLyglN^0Wo5
zUW?o5c3PZao898GIlUH-+wBiKy>`FX<H$|wxO0wW`pkjOW~<j~x4Tlt>@fr4n0BYl
z?{^107HcTbW^uNKeHMQ(5VC~5;h^2+bp}0cx?|2YrQ!5rI-1=MkIn1!h-N)WHmw#H
zh}?L|T6fjId{K@UFe&#Ml&8cC3jzorfB*srAb<b@2q1s}0tn0p0Xa`$DRBzZSrvV?
zr34p5r8bJc9a>!Aj!U0xHop4S8?teMJ2TH6oDUVJ3<w~A00IagfB*srAb<b@2rNl~
zg69s-F&bg#Av||5bDw|~7w}nLb@7%LKKAO&eFUq1U{FTH3kw1WAb<b@2q1s}0tg_0
z00Ik7U_vn+FKz}n)nGVlvheb*0C(7K4LGbGi`^G=Se*WFz~Xl~0v3<Y>$Q4ZUYpYu
zF8!{60d+7sHk|HBN8<z0<Um7TN=;55wXfYNFma5rphWVX0k_ZRvsv4m7MHutZ*h9P
zqC{a^z~Xh<T-I<~xXtAY<VrNxJp+>^@(+x};;~dZ8BHgOlt_Oc!K<W>78khhw;#Uw
z-S2L$;XZ<e*WoEK0tg_000IagfB*srAb`N47m)W6loHv<+(%GKz(I($i@#I%5wzX?
z%%@LHpZ@)9T;OJd@{n@#qF1GY2q1s}0tg_000IagfB*sr%ohRAGBL!#m>VB3*Np>{
z;{!}?nXfjNuf%Z$qT0vGs%zr~UNZbadGyq0u8{W;RMv$J%Ij9$TK5a_4;BOvKmY**
z5I_I{1Q0*~fmsA5POGew&#yo6#9Du+7#eO3c|1W!o5SJ|{}O}My$*}l>Iz$eK5xkC
z4cY^4n>Tj}H`k@#m>8Tc|IR!>edaCetkzbmbz*&mET6Hlu{N+-l+R^%v;~4LuNbiI
z7lY~L_;qiaKWuUMtPZc==L)*)y7J9+iFty}?r^%?9<R@u``7d$O^scjWz%GFgQiSz
zeZFjQ{cgX_9S%AzfpA!G1_LfjTgc`SGXmHhZg*QK<n{S;oO2a-c~p+Ezd#KCkBvmr
zYIH0;)ZCvKDZX}=vd*$;vKo!XOs}Y~&sHNC4*A1Ydz(efZy+W%u=`vVpU)~@#B>8T
zrz03}yRD^HBU9eY%Pa+%WmC3{qEjCyJGK@V=&1VO-Cz93i|gcgflB34gL0{IopP`8
zluW~d00IagfB*srAb<b@2q1s}0%ZuuQU9fch$>~mQerg~GGQrElFWSsrNkjbZNxJU
za&duAB;NRe%XXVTmyHX&%b?t&Jg+>cysL~_lN1325I_I{1Q0*~0R#|0009IJQ{ec@
z#uIgS6UgBrl_ys=HtN>p#%5HUQQ7FzZ7DwV!6f!sufNkk4x13g49cQv;{`7H!ME-|
z|25w`n2ig(-Jm?Dyj}T<a@S#2hwKO-fB*srAb<b@2q1s}0tg^blE4Ye8f&J71WsMn
zXw=69bhmC)oF%sDqXIMBCt;F1E*2LE$zo}7fxo}{oj)9``^>UzT)=No9#`&E_9$W|
z2NnbnKmY**5I_I{1Q0*~0R#}3CeTtTp4*UnD!^RNil{6|Ki9($D#}c6Y8K_u4+@y$
z0HQvbX9{X@0q;B3pQZlG%^%Lj1<o}nk14k+apl};^=1VE2q1s}0tg_000IagfB*tZ
zUBD{l0H`e|C{UPTj*IqaMY$PFEwV`E#RWEqW}KR*@S)d7FT3JvkptPdfXARbs=P;u
zDW0X?)YKmV1Q0*~0R#|0009ILKmY-qfUQc*K2cUkz%Fta^*QE>37k+-c9!KPYo=V~
z#Rc-_DcnAEy5rW3pZS@br*PTItEc8E6#ryF009ILKmY**5I_I{1YRkDi3^rxW~K9Z
zvXlIU>_Lws81`Bmes4%j^5+zj{MiD2i!JDLdj0OOJrJ~)K5%=vd}Q0SN$HBNoIa_W
zv)Ssk+U>5Hw@l7R$2^71Q`l;onu&4Y&QthrA0GeuJGOr=Gf&|%#W^)kq4*~Y0tg_0
z00IagfB*srAb<b@2nYc=Szsx_t7Qvtp2A-&|I@zz_w+kolJ^lTQ&Lm&6pDYcAb<b@
z2q1s}0tg_000IagfWYAkoL<@J(LI!)=+KpA|EPHitM1#9UTc5k*V(whZf%~z-ON;Y
z_zlk<5I_I{1Q0*~0R#|0009J+w7{8SK0$pzp!gjw%l@(R6t4gK5C7}N58U!xHZE}N
z)I5bs<|zbAy8Wm;0tg_000IagfB*srAb`M95Ga@zaISd=mz9}*zRy$m@Ewn=y*zlr
zcd~JTl~eN+Dl3;l<5Ncj5I_I{1Q0*~0R#|00D+|}P&g^zoH2oNGgKC4m}^dgqd!mK
zYwwMlR(;6$$!uJpa%!GJrE)3v4C;;m0tg_000IagfB*srAh4JPrp*U9S3qF-vPC;j
z;d8(Kve)tN%bMjpg;gt_)Xh^UeqccW0R#|0009ILKmdUSBrvhIDl_$8V`Fyezc!yg
z;19V17Kh8@w>Se~yT#}BS}i`0FX;05+rn0>tMsY=PVjj>ZkN+xw^?)lnt3X}nYT<%
z=f*sRvtNkHC)3HlGege2Ws-P(h1MSen+=8<m)+482)eu$f7tJ^INfc2i?_`mwm5uN
zhu80O1zmP;u0PE6t@a5vyTi#mg^OaI!Ye*sonGd9^b9#(ph{Vx%~QBSd5W0|7tk*N
zii!XN2q1s}0tg_000IagP`-eiRj`x*TGe8nr?BDcA02)9&3CWJ#s#*^c?!2H&npiq
z?_#FH^1Bo{5I_I{1Q0*~0R#|0009J+tiZ{Yjg7k52y+8#s^;}Pg~zSmwePOg_2*>c
z0-JU76e?n%2@3)UAb<b@2q1s}0tg_000IciB5<mhi%=g9(A{!VwIJpxZ1%k2Z@+H4
zDV~W7ta@5EPoemM1px#QKmY**5I_I{1Q0*~frTbe<~)K`Wu{+j^Avvff!n_M&HwyH
zTQ)B61Km7@tA4Q1nx66^fB*srAb<b@2q1s}0thT=fx<}vXMeck&Ye}|W>{8kh6ONB
z;mx}YU+P}BDwvH6Jg%FkaMj~Wx;IgI1Q0*~0R#|0009ILKmdV-AyD?DgC|s#on>*&
zQ&=q<_Q1V=i1zKc>-5XM@T1@U?dcbPA?GPHD$5Px4+{baAb<b@2q1s}0tg_000K)u
zU?OEy`WibY&NdkO42FQ1&Cx%(Smgf;UbJnc&*m6S?n=b%r#qV6E|<gIY<D*A8Xp`<
zs6G2O*w*b&Y`<)LB;iT=_nmugv%PI#WNfS_);qj+_eGbrY~QZ>x;KW~wyxW_f7jkl
z&*s4Xp^&$IY~!}e_nqr>*uri0P{`u2dczi{*B`KW9ZvCL4+O%tfIn<+^AwxL(q;8n
zT^^@s*c#cmT3q1W&bR;TnqU0CoiZF?RGu=3KP(6!fB*srAb<b@2q1s}0tg_mzy!{!
z=&RLY7X=}W%#YeOQLWQu)wH<4O;0rbVq(K-+p=+i7Y)jb3#{T47XbtiKmY**5I_I{
z1Q0*~0R(0iSXJ3*sLhRX5DCwaiM6=EPYmz3KlZz`Oxd`=BL?M>nRmq&1Q0*~0R#|0
z009ILKmY**5ST{-_R7XS-8H{9CSZ>70%yt^XmNqx{rf$}Gj8d91LFneQM*zU1Q0*~
z0R#|0009ILKmY**j+DUk@d9VbU2AcH@!sp-RNHXYv)Q<Sn2&&22#%CI`#}H!1Q0*~
z0R#|0009ILK;V@ZXs&GR)QuU4&asFBtr34aw75X%t_}a^djIQg&Bg^DGboR}@<rwd
z2q1s}0tg_000IagfB*srAaG;^T9!3->YpDlM_3>#j+!@5;hA^+am|f}%O>PJg{D;}
zh<OUd3kw1WAb<b@2q1s}0tg_0z>*S}NSO*|>}#7`Eb{*aFWR=;v+Q=xu}q(_&mJ1+
z4{qF*Xz5P+{Pu)zL#Q|1w@b{}cVTGj;HKb~L?Y1{9&qfoZ;5WYcwg+Y?fct8(eb@o
zY+>uxf#79>w(-mT=ej*!U)W)DTU;S;$l|nl+bn*!&2Djo++L^C?|0dq&SEq6xm`Yo
z!)|Au!oD4Moxb|Z_ka6FLrdm90+VvDn5R&@upoc{0tg_000IagfB*srAb`Mp5Li>u
zXVd~Q1@W28kJ>iVq0UqI<GOh0hwrQj$@>UQ%F|+=Lh-_a00IagfB*srAb<b@2q1s}
z0t-_>5%Urnb7MJ7)1Nz-H&5Zo|M~fMOf;OmI~y0cP0UlM+_o?)PN@+<009ILKmY**
z5I_I{1Q1xj0uC|fpzeBJ8wfD#Ab}$=PvNKk+;IH++x;J5yubqPI}{xO1Q0*~0R#|0
z009ILKmY+vVD9k(dGi!TE6=I8{s%X`BO4dEQ_NGS+^Ow~|093^0tg_000IagfB*sr
zAb`M87HARk4(i4Y%<)Laou<Q_r%;K#al_9(`^7(I;{vyfc?y-=k8+JU90CX+fB*sr
zAb<b@2q1s}0tjRUta94Ha>4?KFi+tMd8h;T{vj&oBlz8A@7Q<mwYwd1o<gJYEra;O
zf&c;tAb<b@2q1s}0tg_000Q%0z+n`RBv5jX7_?0;7Ww~z7j4^GQLUA-YFb?2ffw%W
z|HRdeXUXvb#08`b3jzorfB*srAb<b@2q1s}0t-UGxlDuwYRiuc$e{sKae=cR_~diH
zto_%n?0A9q8<h7ih`Liq1Q0*~0R#|0009ILKmY**7OBANjJ17@_4NURp+@_bzu?RN
z%#Yf(TwK6EFcORVgPrYNcB|cOu{tewM}y7V>hQMOoXu{J-R`n_1llSIr;QgF{_3x*
z?ccrq``PgVPZ^Y_7AY&$LI42-5I_I{1Q0*~0R#|0U=a(PRnb?gg$ia1BM1V!WYFRQ
zpMS@<-t^`*$G<Tf7kI&-ys(Ios2TzYAb<b@2q1s}0tg_000K))KulYxzt=!MU%(*=
zw79@0&iTUqpGx^QX5#{n7?ekr7!cJ(009ILKmY**5I_I{1Q0-Ap$gc=g9poez<{W#
zOIBBl3%ok|@i*ObuYdAB0^$M-wJT6=1Q0*~0R#|0009ILKmdUyC~#<T0k@Fq(BcAh
zHUD|XeUI0DC_7%@d4ux&5_F`>2q1s}0tg_000IagfB*srEJA_fD;w)|!wE8vBox)m
zn~&hHk!#)ezO;LvTxn9mVm<=#!h!$-2q1s}0tg_000IagfB*us2<$M4IRj2SQO+4)
zpIj{R{{=7Fw%nWneJM5B*AwcVWyXM`J0HO%>kj<>w(o?N$?*av<z6u#fp}p-009IL
zKmY**5I_I{1Q0*~f%zb?rlQZNMHdQ!4w)adZKg8jBglKcz~_Hry?DpiA8*OV1#T11
z9aL_c4;7~j2q1s}0tg_000IagfB*srEGYqpc!r=cH?Tmv;GZ=Za0H$&@aG>7erZ$u
zFVAG-0#AwO3n))5DR(N100IagfB*srAb<b@2q1vKA`lSI5;##8R*?59m}Ypsz{#?@
z+H(iTo_r}5t@_>_^7#Tr<)01W4+{baAb<b@2q1s}0tg_000IacC4sncSz~8kAU9AT
zI>%z0TrBec1uxpRS)N`Xs&$I2nid!Mr}w`117|(H;f(Bj1os$}dyZ1YISc{_Ab<b@
z2q1s}0tg_000IciD$pZC2D%9a=7<<XwXi@zv>@}NwoM%HLU~XvF0l96&08+`^OZf>
zxWFUg`2w>RiH!&#fB*srAb<b@2q1s}0tg^5Ujz>A`2roH_#IkY;7y(BzkDw8>DOfA
z0*@P%$LCAsC<g)vAb<b@2q1s}0tg_000IciDbQTm*jdJy0<pim=L-Z*aqN2AZ@+M%
ze7=B5X%NpB5HBnUAb<b@2q1s}0tg_000IasQGvLr%=`UInK)pU`~CmX&lkA!%Qs*4
z^2Fm2IbOh|Tr8e1AYNDyKmY**5I_I{1Q0*~0R#|0pd5i-8BNg52Qb&807{7_n2yHt
z1%A|Z-3M=L`Ee*47r0G4UqHF7oQjhc0R#|0009ILKmY**5I_I{1df1!qq0#SSSTrQ
za0H$&P(9}8-T#@N?8wFi?i9}#Q0_bewP6<sAb<b@2q1s}0tg_000Iaga3}&T;&}mO
z3_LI$=JN%<x}ovTxBSoAbL8^{DpuW>dA@-79}5BqAb<b@2q1s}0tg_000Q$uAYM^$
zzyHoTmQucGpY4ACCH8!QE5G=OgQtJ=wkzd$feOWxdA@-79}5BqAb<b@2q1s}0tg_0
z00N6tpzu)ubHo{TmJ(>FDBS6SdA`66zrASHr!P71`)pi5%{*T~Q5R{`Q!NA#KmY**
z5I_I{1Q0*~0R)bQz#%*<pyCknn2x~n1tzw4{xEg^<CAfLJ(=eVD0_|u630LQ0R#|0
z009ILKmY**5I|rF2oyXoV6M>#6$R<%8hCIB&lgxG)eqeJhiKo9yG}pzmm7Y3<&WNd
zx_rKXQMtn){;(i`00IagfB*srAb<b@2q1vKKS<#9#$);#J8KLz2Kh(4)HvJhE}t*#
zwK&_HA&b))a#?%<hr<$bc|xAHpv%@~wMQbUSbW#88i~vmM-aQLlKa)-0v~wr<bV6@
z%RL{G_YoMCrwrl`3jzorfB*srAb<b@2q1s}0thTHfwL<5YD<YAh-$q?R!xfwJmalx
zZfHJZeKs!eqCt6afmNL1B7gt_2q1s}0tg_000IagfWXWGt124}wYl*GB4L9}ti=V~
zPrv5n_x;m9+ldQE6&3^#KmY**5I_I{1Q0*~0R$GA!1TC4qpYD87r13#+u5e3V<)n4
zfyc#j2NzlWsSW}NAb<b@2q1s}0tg_000N6ypt-WKQ#T%<gy##GC5ILlX#CVwzy4qK
z(MUEf@R&h)Y%ya|Hv|ws009ILKmY**5I_I{1QwS-%QEql!t&w*tA#*^78khW{$Tu?
z`~PUk#swZVD32~KA8LaD0tg_000IagfB*srAb`Lk7O+;y$qUMh3*^mH`1_j9Ki7Z$
zV|(O0g(l^EF;Ag*VL<=^1Q0*~0R#|0009ILKmdVa0uhs(M$lN3n?}&*bvVL)zsKSX
z27MN%&Fi)J#RP(uHjl3@X!F{GZGk}Uv43+7^Iv|n=PBIU_LblXKfJb4ju$W~_lkK6
z#S04p2q1s}0tg_000IagfB*sr%m;xr6@A81A`hlRou|<9-cxS*MvMF6Y+T@JF;AiL
z^n9o|Wk3J{1Q0*~0R#|0009ILKmdV55KzRtgvQ(e1=IBT2pZ&GwdV_@|FHI?iQl9%
z&lfO>kN|OkLog=`0tg_000IagfB*srAb<b@^F?6pxIo@Kg}d&3_UZS0^L4G+@d9^>
zc?y*~=Sx*62LcEnfB*srAb<b@2q1s}0!vPyMa(;>`@Vm!2NIYLbDqL4-}Ybb7S9iE
z$;JiVC*~<s-nZn;sW1WvAb<b@2q1s}0tg_000Q$uz$RuLG?oz+SZ+Gpc?um$YU3&0
zJs-)&1>Pg(DOBDwFDNJk0tg_000IagfB*srAb<b@OH9BnCLJ`^lob{@)OiX!wC4-N
z;}8D!g>QcPSIkqm#5x<*MF0T=5I_I{1Q0*~0R#{@6oF~;6xNn9TR`qHfOFjza5UyA
zltTlio;&#L?yLW``wut$T*d_|lm`sTFU1oE9yk;l@*sc!0tg_000IagfB*srAb`Lt
zD{yQ@MN@5`e=I!|=}}XuSR$S}$yDLUUlkaN#^R|HjTN^1_1%d?Iwi`d$TDi<1-|jY
z>%QG}UDxkqT)?Qj)gb<`Ab<b@2q1s}0tg_000IagfWRv+kTNbe^fh({42GH-yUpwH
zdp$0TJ?QdToKCOX;`P{E7Ej1)3pfMrkTc{febj;7YIj?#PK({qVDq**#2;s~$L@AI
zd`?lVV`SB|xWKbJKlj+xx4LhVg9wbuBL?w@1px#QKmY**5I_I{1Q0*~0R$F;fW5M@
zuQnGhC?&Wcs&%TYnidy$;Y08ErQ`mm@6C)CsQbG?{9!==0R#|0009ILKmY**5Lmnd
zSHIDCyrEBiOC1QP2QH2D*VNP)Y8_sOBOLJiEOvLB+v2o)0v5m9VY7r?c3;qAx4PWk
za48p^xl7c!?xUaO8|@M{IjqyZ2jA|CrnYUcb@%wk{T*rB#;u89XhZw93&*wwJIA;C
zc5U{Af>GyXJ<i_U=U!nRQ1{0A)%F2%tGS$v=Jk^~d&fsrk#|5%?M^2~#p==FXnHV_
z9LZam7*&(ebS%EBXFQcw<+gpX_&{P`N@UoX6#rL~VqO1GGBKixRk2b3z(7*m9w1h>
zw%W{BU19DYj>bmB&sSWv-keMftKy%RTq=&HCP!k~+X&=}tH$^3zkHiJ<_Zs8I2?#>
z50Bag+uB?^cU!k~Z|~S|kHk9qJJmf~x+0zZqHDiec5f{%FgW~Z(?jnbypQn$i}y`W
z%@9BU0R#|0009ILKmY**7O6nNc!5&FJ3`_#siDOM4qQ0A=V{gd`|NmuTMc!$E>bJ1
zg#ZEwAb<b@2q1s}0tn1!foq10#~S)G-{Ko;4qSS5-9%kY8Q%eyay@uNzsfK2ef<Lb
z4&FQ#6%X)hO{?)}JT1O=H|LDZ;!F9Vbb7S4r6turq>e;W%_Fh?WFnOqOgHx@Mq2iz
zTI^P<x5esii4CanbSypIlKpbOMSia@_vRlMiN(b*fIc}aK<qDjwA@$yGR<1^rMi&-
z)3W3e%Yg!!)K{3JqoWt8N%_n{b8CETczC^eIME-K$ISlJpGpq)CU&b+oBPL7>4X@q
zAU9tn-Uc4|R?y-CcMaarzQ5&;|6{zsd_F-?HUtnr009ILKmY**5I_I{1d0e8+IRu4
z+>;g;_-EHQ&brx~sv#~=#FteFAb<b@2q1s}0tg_000IciXMuvaKq-%a5Y_R?Drs?n
z*mZZ_v|*+1i`lrq;|AsN`CMVjh5!NxAb<b@2q1s}0tg_000Mae&6SOvx;Y8vdf=nT
z+bZ*Gae+_XbjtFteDc!cvT=bA7?cm>?VTSGKmY**5I_I{1Q0*~0R#|0;3x}RvaGRF
zE#q3hoGBGVRnC^x(c%I>`}|Mdv;9@4KEizjN4b$X90CX+fB*srAb<b@2q1s}0*5Pb
zX!jAEBM+;^1-|g|L)U%si;98!2oAR~$d3R52q1s}0tg_000IagfWSXMp#1v?&XuLq
z;sS5}^OwH)KQ)(rl<@-pfVSh12q1s}0tg_000IagfB*sr9F9Q2c!5&ps}zSjPaaZ>
z3$*<0&nJKB*&UzF#swZWC=VY_fyj#h0tg_000IagfB*srAb<b@M@zu5tg+9adk#T~
zae?z?`Lwve=Pvr+*Z=OR?_QOS3p{C1o;+Hm=Qs!;fB*srAb<b@2q1s}0tg^*WCWTj
z8w0ukf!%6%TdYot!`fi;wmQTgXS2udb~=1cal8xUF}1kBF@HTHbj?>^cYii6@S;I^
zQEp{H009ILKmY**5I_I{1Q0*~fkh#(s<Kf(ra;umFYBen1-6g>>Pzpv?*6}J;{p#F
zlm{0@t*Hb82q1s}0tg_000IagfB*uESio1=*smKOFurg9<=fmbS9s{c;XrhIc+@u7
z*5=x|+q$KDd&hozB-YX2sqWd*73u63C~e|zhZYxjU*CV6_xvfr(QI7cF@y5hB4(p%
z2q1s}0tg_000IagfB*srEHZ(XWsRNs@c_{|7E%3LNub3Ae%1Tw{!<2D|J^#V&baDD
zgZRUO00IagfB*srAb<b@2q1vK;t@Eo(pYEcYg9Y?`wW4Ap(fyMb2|f`fF<m;+AL0+
z$8Kr!JN=eG*lTzAd{&3UZi_@xvG}fGH4^FabU50qVTV0x-O;t#r*7T5;ljN=?ygOt
zy(3+*j_vFAcDl#+wYU2^oafGQMIJ5VTm4d=AgDb=!0yl<BH(Ja+H5wf+pcZOJzrpI
zlW15uG+-(&@ZiudzWd`1Km3-A3sfo}GAO@P9#<X^|6oA?0R#|0009ILKmY**5I_Kd
ze~`dQl@*TKKL1#HDAKJCCe_qXZ(_F^PaRuP(KNZfM@^+-iFoQH(^S&QRe_;sES@^i
zSYgXg+MP(GQ=&pmvQpZ3foIM>ICRd__XM-|5j<j09{C4VnZqK000IagfB*srAb<b@
z2q1t!c>?yz#y;I+21*%aAP%rr9z=@^JbJ_boc!PWPi@M^1(>I>yapgO0tg_000Iag
zfB*srAb<b@^Fd(Fc?$LS5v-FX*5U#`{KCg}2A_PxpR;j+Ck)CH^PxVJ0RaRMKmY**
z5I_I{1Q0*~0R&1GSi7t-pnv$_?9UfiFZZj(1>X9$R~v`!zq~6O7kJU2@Z7<Y*-3~1
z0tg_000IagfB*srAb`NU7g$x<s1F&4@>*n>wYb307wo^k;WKC6nT-oPXiy%U_cfw`
z2q1s}0tg_000IagfB*srEO7x}Wn;hY!2)H>bRgiGC7u=+IOjJf{vz_fr~h*{F7P#j
z^0g&SOZ5>z009ILKmY**5I_I{1Q3|-0<D#esxB;0&SZ+BYAv#QT3p~uop;8scm4jm
z*|@-04a!&Nd*vw~0tg_000IagfB*srAb<b@OIzUVWsR!--heXW0#>P~#Rcrwz3g9q
z?<wEQ#s!$CaB24}YL5T{2q1s}0tg_000Iagu%HAA<|zz#+uY88CtwMCtu~9(=CNDa
z{7%0m5cb*~KA+X$u-ioa<lhc0F7T7j1@8LiYq~DX#swZXD332F0Sb!%0tg_000Iag
zfB*srAb`Nq7HF<)?9|;;5S?QYSj)uUskp$opTF~jza4z)!8)<hq?~6^?hr352q1s}
z0tg_000IagfB*srAW%f$4W?uI8as_OH3ozDBVLR?ufq}c`#lzCFz6HC(R;lXzbE9e
zw0V4OL7UeeYzqV;kyI?cYgmm$=D28&E;qg2D34Ghcb`2%jkC?}^7+DEi?hucvN)X~
zm&F%wI4mKTI8Iy8WoxtAOFx1rv>X~RbsvHGD=&TK;rD%XXPxqZp;EcYp!`y~NqIu~
zkW9mZ00IagfB*srAb<b@2q1s}0<WMzy{W=s?DLPMhax>{Diuq_14GeRJY_nmvcgfD
z-O#NLCe_qXZ(_F^Pl>YBPp+TLAXmNWxQdFV{Qaa%CmJhk`ANGIiL^|9s;rTAAHi|U
zUwiZZuYdWAnehTE{$!~8yLe$i009ILKmY**5I_Kd#VByiGSl&fKJiUtAP`Uw?2h!;
zi0?dWeLj~r?33SfdfY*a)8TQ88<Jf?OUUi<cwMf5+vy70ZC;1p>v37^L6=DA^tvrx
zkIiNAguJ$ZGvE$6L%!0#uC!b2Zj04vu{#=U-d2aV)#+<?IjtUt-BZFQhjm)6P~U}J
z{h{%(uHG?qFuvK|HmKTN;dpQF_QX!ts52O{d%E`w_w3x#?mhPk^MJZH)~~h?m|M-|
zWHhgz%-K6Ws*1b=YHD{nF)CJ%4oB02iR4J$%EYLejHbm`#69Dwv?{mli^T^L`%)sq
z&ZPLiniT5>V@Y)|v0to<jrs=$#Km7qthL!a%~tWB&3x4r=KkSmY(%WR;;QxLWMWtq
z|GeZ<aZoim63bjhW>#F)y~iFO*t^N%zSz2F!;a0Wy<>P^SGV8Q<MR%6#M*a6L-w&~
z`^Emmc<Aak8g>2P(#d|{kY9QS{634_-R8D9?cx@7zuRH6gk5%DP&ACo?G3-e{lMXD
z_SoG{htD~!A57mg)emx;w)>)~Z5wReJ^pcjN7}Y=Ya$rh(7x@$v8}<*@$J4{n?0dm
z)OlHtvv+rXKPV^TE7A}8hmwgAwV)fcwwBWY%A2R~)$#<V#RcyAL+=aW+P_rGK?Ek{
zHiPnrcws>R0R#|0009ILKmY**5I_KdqbuO3Z0s}U0&Jy(>`VpE9V{ihBPw;8te6%T
zxZ`c_dFI9s{@YKp;{{e5>TX@J`sh}iqalC*0tg_000IagFfRqJNtli`^k=?XH`E;1
zeRbVLT}>HZ$(HhoKKJ>5t~-vWeS13n3-+mRPjj0V?l<G+v8WhU-I`Y8(Rf;XJ#NlX
znZ;M-L+SKrYfDS2e@GpPrkY1${mDcsF_>=dPmHweOSRaoR&R^d-4Yv6<LOv>ye0dU
zdyD+GUGB|4FcOQ4?`HetclKg`*`wvYfR}03nlIITKR+!?F0uT!K9l+ib98j{A~h*T
zf}308W5dJi&BKZQs61x&r~XuOFf$Z<YQ<P8oe)C_<mRic88Yg6+@+ZwSH^e1rCbl@
z7|ZT)xi96l&N$WMa+~sc+`{+{eo1yUamMw?v#u5wxOH#CRXa}a?_s>ay!>56p%6d-
z0R#|0009ILKmY**mWsg98!zCMq*`3y&HF$8LiCpZyMwsEQt4>a69EJeKmY**5I_I{
z1Q0-AUJ4Y%1xk6GL*ab{rQ{KH_sRNeae?PvIP=u&j(`1UvvGkt4a(!no%7O%LLq<v
z0tg_000IagfB*srAg~k!S}Mgvh^624VQLoXYfDcr2wNqi78m%pC&Jh6-yOU$8yDDM
zP&OzZSPIP45dj1cKmY**5I_I{1Q0*~fx{4Z-Ll3`wT#R6a%R6UT_Sg0#<hMqk8==p
zK3CRTiwj))(l=JV@!(DG;y!}I=nZ5=009ILKmY**5I_I{1Q0;ra0LqPBPiwRrG@tq
zl=A#ZQOxsXQMI_hZ;r3~kMBPGvEgi7;GG8LVdb5NTNUynfB*srAb<b@2q1s}0tg_0
zKv@FLWsQ9X-S~r&!U7JNNjI*b#JIruvSeCZAaMT!Z}{wQe)mE)E^xO&c~ZH%tdf%$
z0R#|0009ILKmY**5I_I{1YQY&wUvzlU8rE%B$2skNli^6sV+b;Eop8(Nm0-XWMQ?q
zfa&_rKl_cK^7d?8;Aw;MqVlxd&Vm2}2q1s}0tg_000IagfB*suP(Z0{)DJu`tr9=$
zLI$EnepxFmF7T;t(|77OANz1NF7Q@^@>b=+1z2l}i~s@%Ab<b@2q1s}0tg_0z(Nyf
zt!(VqjR)x7V~-E)-DGiJY~8bA$7a>uF}$y<+wbb}d51b;?K`3&`&hL7Vt-;hWb%ou
zx{Lksefuxp=8n0-Ll+JQqT9oxw!yYG*UsJ6E#2EY_S++|j{Z({&z7!8XTLyd6Ms9j
zxInF8cjM}t4Tfx7;C6%Zm~#6<gQUC&Ab<b@2q1s}0tg_000Ias5&^52ia`H$e{_z;
z)FLzJLIiW9j|!(+X{E&l9;|%r9ns<2qIF`OsqPuWsu#rz3jzorfB*srAb<b@2q1vK
z0v0&1(o|>YYg9Y?`wW4Ap~h}=*qq{ybBiq`UYzc5z~c3Vd={6>7xcQFes?hBibPVe
z_^x3!5*bUi_&2Q^AM14be0#cjcJ%MKxYN@zmTb8&6yEOj1TVkPanXgNp|OD-?dQ&Q
z4O+%G;H5lgPrGa0?r5-iTOHn3af7|v>2NvS4sDaeI&IT|mBu`dfVa)<40r;Tu-9s{
zIBg!grOog3TLNLP-Qn|D9S*xK$I<2KaI{&&4tvzPqieHI-MV+fg?oG4U7JFCN4jDi
z+t=;wbdT?AZ})XL=j15kTm4d=AgI-Oio@Y*w%TkqtJ|(^n&QZ95*=F(4Va1xT=yT(
zzWax(2F!KJhYXd<O$Ozc%1z1>%I6pG8-SuCfB*srAb<b@2q1s}0tg_mFa+vN6%J#c
ze=I!|=}}XuSRx)6ipJt8lPLa4wb>2b>R?h$4fQ5=tM!#r$#rW*^5ZHhn)3IPGM#9w
zuubk_a^KyFL^>t*+$3?d@d6)x`TCdLFTM2o?0p2c8I(tq+vIi@1Q0*~0R#|0009IL
zKmY**5IBkgj>^V9-O~n289-sOi#)n}2uc}cAZoN$)=G;Dw7q;|{POhnQ?qda<|#ai
zEzY43KmY**5I_I{1Q0*~0R#}3O`wE%3MX%)n0ubWsap)h0oTccYH@*EZvVCIr&s;-
zPuaM@M-1W~f{)BrD7GPh00IagfB*srAb<b@2q1vKQ4m<StTCW}0^zi02IQWuU|K8F
z>IM!>OPlw6f%UTVT3ldU{ls6t{>j(BHyamt+Mv9sJbe^u#~~0v009ILKmY**5I_I{
z1Q0;rl@L%W8};D?(<<?^E@U7MX_1H3;sXEliyL1$C6r!~jSIZhpuAOi@RcYQ`$PZ%
z1Q0*~0R#|0009ILKmdU}f!4~#e%%uV%9y>u<P%wS7yD(*bRbI5EK8xq1wQ!Nx7`qV
z&*(rlE^xg;`I>TlUMcwj0R#|0009ILKmY**5I_I{1dhDG*_Dl|E-FyY{E#LQQBZYZ
zfpR8O6cuTamC@n?Z+QQcPyYD2`+Bo+frAF+tIEM6Us?8u00IagfB*srAb<b@2q1s}
z0y=?nmNlyS;r?ZX1<sb44?QkmmF3Xl0+yeC{p_p09o&$O3y66NZ&M!8m6LxWfB*sr
zAb<b@2q1s}0tg_0z|jyWn5WQgbJ(2X`GFQ&NW3`R;ef^K3;8TAmoMmbJN@op$W=H`
zVZhtwb_P5FOW13*S)4YH-O}cF`YnO5*Y5E7tPY3WCaNO;c4%>dj?11lJyC!5ce8PU
zI}OU?%AH4}x*P)m1Q0*~0R#|0009ILKmY**iU_n+Hg@XnFNn^un3_d;-PnOSl1If6
zPnAd2;sWUpK7IFnBZ2>}6YESX8x3`T7cVRbAb<b@2q1s}0tg_m7zM6bW;))`*Vot?
z2n5svyCeNIH8qA>pU>qD`+`1;)8h_WoDPrM(suPF`6&%DrLkB_zbj}7xji1Q%N1}t
zT|v9e>+pL$E{i?r61#MI-4?IM=CXJ~UR%H!aEF{BUnG)>#di&>k;q&ZFxp&ec1MHF
z+v@PPih0>wPOHaZ_Y`dMwOT#Rc9+LvcX_o<4(qgBp}q^d`a|PmUA<%KV0^Q^ZBVtl
z!tvhT?TMYPQD-n@_jK<W?%BDe-Fxm8<^gqYtY2*(Ft?h^$!K0bnX`9%R26v#)YR^D
zVpOai9ge046UmXhm5EU`8BGh3p7B&#mD~2k;sc3&DUo4kQv6>{igkmrq&k?`FV@9I
z{R0C@HI));ZFWzyRs3f&Uv-7Ke>fT&5o@owYP~s`7*@qUFS%44R85Y=QmI%Xo>_5~
z>FPHcb^YMd$$sGQIvnAE-)FJA+uRnXU3}&2cROsBu*>cX3T~I%8-9gb*WqmT*xgQt
zPku@6wpg8(sfM4vX{vQ|o3{I+scjo<-97$se@EK3acd$N+R(o3!m+Kv&hhQOU7J0j
zVAOe8kF$4oe(RQ#@fB&^{-I=IL@j9C*4A>GwY=vJo+eLlT3ldv@Qputar|31XW{}Y
zY7BL^iWe3H5I_I{1Q0*~0R)zaz_rUw#~S*x7s@pUc3)jLQCC~W6TwTlPCla7z*Cn(
zC0!mb-0NENSad8s)S6b~(Rf;1+?sQWW^tiAlunPfwzQ=Bht!d1s(B>VpG>3@gX!k}
z#7N7&REyne^|n~uEwKSLo{pu*Te26-E%I7f?#(|i5{rv#us(UkE%ui^TJG{$rdeyg
zRCjefElV!3yw=X7zQP<G9lc0R$_sFFYkX{Yc)fWz(I1t^%>LA$N)GlWcB@mH`^Qr0
zga`!4%~xGBWYjvNq2|D)vNP6{ajjR%WqppZ?0`(};#<39pX!XcO?f?TVO(o3$*v|&
z@8`)=ycQQY^Y7pLUiiH4v}ErixYD3JtX#Q7eg#lX1Q0*~0R#|0009ILKmY**j;g@s
zWsQ9S-8}-O1Q)eX%;e|^{n!|jL+nrg{J~P<L!!bL$VzK*f#<JW@$+v!_MQK~y}OTX
zqrBq)e(^b#3r!yeqMbmSuqURa?Zv+LJ9q7{&vwXb)4a4zyDqr)r7=l-j?YdSN?F$i
zRS0zhw2f8W5bO^$G|*l^Xq%9>!RQ}TnLrb;?H@D{o7nbGC+HX(+n$SK=i<J^&RUw#
z?^TYQyL+Cy``jh*^SgVV--%LO;1om7kW<cbOb~zo1Rwwb2tWV=5P$##AOHafELVXI
zUcWoQaIxUQTCd+7JD^7trLW4kgFkxBKC$|*p$|%Nff<IpOlFqrQDeU#009U<00Izz
z00bZa0SG_<0v`u~jz&7phwHh4I(v33cxE6->vFgI7psf<HPTllF5rFr!~Y!bd1iQa
zd;zkRA&=58m>>WF2tWV=5P$##AOHafKmY;|IFG;`p6lq4Bn@;VPG)v=K3{|G4A~fo
zsGJmY#_!}cjf<#pm5Zu+G{$Q}ENU3FkL_>``=thF3qGg%(iVJDRFHK&p>a}Fiqqjd
z<1(ikqR7Q%x}9iD=A$8@_AStZavlw+^dn&JOMLjP_**YDk;fS?InI!G$Z_&2dG0(1
zk693a00bZa0SG_<0uX=z1Rwwb2wX~m^&VDi7>Lk;Hi!CXk_kF$r7@DsWNi=K$hy^~
z1-<4lO+Yc?3|hI~TUp&Tm#%(2%Qi2p$7XMAVEMT!=IZXXtb$EzUXZ8o=<v_K{nn;;
z&y?~JoTYgRuRVJy4-s`i00Izz00bZa0SG_<0?S2UX4S&vgR^N0mwEC*L1<AGn&?od
zWUi|WgFl~>p`ILq3x>?Er{HBtPj~5(5B5yh;~`NU?#P=R+?{%QXh;{8#MIdB5n(K1
zwngo<(bhSUFnZ1HEb<g0PvL?*g*T^u+~=9R=}jjt!1}&9o2QVzVS)ezAOHafKmY<)
zNMOcdU5UD8v&Q-A__$lkz|OTlYI)8mP8V#U=;8TAE4S5gRp#qLp2GhAL2I9!lVWi}
z?VT9w+t<^kZMou2;H&atM4rM-%Iu%c(X@_%v}unPtQ@@%b7RTEu$8CD99=UlnkF(?
z$Yl5TP1^<2SvHl)rmZQP7TA}k?==5pIFK62TjM63mB~fYX?nk%rj!hX!+hY-!9Xc<
zWgvX;s=U<bANVcKANg`Vf)9T&`1^;S{>@uX=K_|P40(y1pl_HU009U<00Izz00bZa
z0SG_<0uWfLfavuPxW*N%C2Y+up^QhM+gUvy@UAgW;q17A<+#9CceMWO^xJ)7rMN&V
zLr#-ca`#dX9OWPY0SG_<0uX=z1Rwwb2tWV=SA~Go=pSI}ZTfGch1_`vYKa$|^YB_o
zZ4qQu6=cmLIy+H+T;L1N87jvG9{9uIKY#k`-q%ZUfx`@WjeMURzADZk4iW+ofB*y_
z009U<00Izz00bcLkqd0_`rV;{a<hMK=nQwqH1^`FYT@}&HayL=R#$+as#Yy5N-e6O
zNTM#$1HR2U=yF`(sa@-eo*P<clN7MzS%#b;&yrKl8kise0SG_<0uX=z1Rwwb2tWV=
z5Lg}p#OrrIop7O$fgs+((;$Ezc0E+EmKJq|4CwJhoMS4-1@vDZefaSE?|-uNyg&~_
zddU5V3oMVbj=g{Y1Rwwb2tWV=5P$##AOL~oFA(<nQ?C95bqtovRu%1?5VGmX4o=w_
znrPj<%@jJvrn-A0a-Xh^bY|LiC*wjf*|sxcO~*Yt-KwjxKRtEeu3bt-PK>mV8Ogy!
zjvtOj<$a@}p5DRE1Hw?IGu35I^mGq(rKo6>zB<cs0iW-gCy)JeW>qOJ(8rLMNgtV6
z{_faA2tWV=5P$##AOHafKmY;|fWR^l2sQe<+;{Vni%e_>E#U4<u*mw!a<_o<Jq{3b
zHtq@$ELImaTkW`&;{xAV^^fLT|Fv_?Y@Wh3zh%~*X?l~sVS)ezAOHafKmY;|fB*y_
zu#yChtYMp&0l(Rm8ej~A@hKrmj>R;d)AU4)lQc=@bUrF`a)gg4k}4+*!<Zk$eRQL3
z+fr+xJ-%@&x4)-o@dc@KQXC%VJ8#cVbQSm=gM;?CyfG+_Zdt6+Rma`pC5<^pv!d#v
zDodhTZYsL_rOz!ovc|K3L*PYTqU&>foPLp%gh65AIw#9|OjD$Y5{t|897Q`A>DV}3
z?2>eSqPuT*YWL1AHCW6C+vABrO^w~vF79a0#f$0PZHsc$aR+<}9J3wlX`gvnQp73_
z_o5?f8WwOET2zq?)!-6Zi033;6}V_bif~3k6GUAPiK4*Ib9AenVl<Qxg=A=V_cq<!
zKH1tn*{5`O#3#qQGo6DQC%csCskSz~Q(Baxj=TD`WELnN^IWum_8*X2LOjoh6rsFm
z?&@$aqCeQqqXCt;z#Vt*{LJ6lAAG)vJkEH@afZA@j+0l(b1Uf=0QMCE5P$##AOHaf
zKmY;|fB*y_up$N4dswkyAW|%h4E33|ow2gUNHUYPJ@jbStu8I-HHY)2J<@NDn(Mul
z)m?M5HhVqGHZQElW^Zg@`ME0Q>h86yf=z2~cC5<J3)uJcW<J{-excNlz+}iv<ODID
zH84Q{0uX=z1Rwwb2tWV=5P$##Ah09>(d!>@4LVTE!w~Ee%6J629akTMTAnhX$FspX
zrgB{1(Gw4?I&yl={!&~3c?y?wzEKDQ5P$##AOHafKmY;|fB*y_P@}-blMl}3DV*yM
za-pOHmCgY)PvKlQipBF3R=OC_-Q4KxYB?_O#fOLPYCL)DiBeqP5JUSAJV6fCcraKE
z0uX=z1Rwwb2tWV=5P$##AOL~d1vWPN4fhCzRpS6GhzcySu6qat&jzPn*MkF9^;V59
zu*uosa$F#|b+fVVp$B87xWFq6IYa(PUa9?%uqFf`009U<00Izz00bZa0SG_<0#{Ig
zc>V5B16%dIXDwas3K`Hn<($1O#|5^Y{bAREH-7r>Qe2>iAwA@Na_R~m4>k<}2tWV=
z5P$##AOHafKmY;|SV00|uRrA)N}!I66l_(|I<hx-bh=enW513}2b8wO;Vs7n9)JGU
z`^?>EPnY5XT?~1Vbdmd3&<Vh<LI45~fB*y_009U<00Izz00gd-z-F)CbOi<KNqNau
zm8~Z~q=!ZnOjlT-o@9!YD(G;P;{rc<D*nhX#m@yxae;P*{ED=bV^<0k+l2rGAOHaf
zKmY;|fB*y_009WB6oJn-`c3x}{B=bIsteZ@7TD};dFgS1kRx1<3p9WEMegl~^6!=6
z0yIw{%~D8SS}ErM`w0OEKmY;|fB*y_009U<00IzLh5}VN2bGW{$6^}KX?h~YNtz^c
zIv<reIl@O2NtF|ZVN~ZS6nK%B==gygAE#d=C1KFgah;Q8J*FvAM2W@a>O6&p7F8re
zHMoQp;yH;|1uhzqBAk)X1X0&RqA2iG%XxK{;{pxEzx?Tquf4aY6c?Ca$SdSAGO-Lz
zu}ctu00bZa0SG_<0uX=z1Rwx`l_(JO`nz0x4U&sYY@O?ST4?>QX9pIkK1m60b{NZX
zfsX6m{rh*1J;^oEd7d?Xrs==*3nmCa00Izz00bZa0SG|gV<<4Q%5wuVFyQZ^cP7mv
zqeCg5&&M?Ax~wJin9fP6LhoaWszUEC9^JEWRp!F0$}ujksH!H*hC=U%3cMypG*#w=
zm`v-GG=<YtUgp%e#v78M#HF}CG-PM8`^U_op~V_7<y>omcnePxt<C0TlckU<3To9N
zJuHS=R8<xw$+^R-a3P6vCwZSM6(4BtPQ|B--Tg&#IJ-@V4x56U$oBUSTKnXj6pIUL
z@5ET&zMeL1%fUd}oXn)mwsasIsHb3H(_G2^>6}T+rcHaaVCCrS+*q<OY~{xn%(QZ5
zK3Sk5ebaWqbe2tJvT19|rUmxp>ARVy^M*5dbJ#jS=Vfw{bUJU^Hl520YD<Xz;{%5d
z22x|m%s8EU@X)3}-WoIMfA{RA8#VLe8QacS+1VL~yhrb8a9s#{OBcdwQ4__45z#q8
zi7K2V&|A(CMdZ1JEa)-HEh}2$GM`;hYEcD667|X{tep6B7gf&g{GvfUY42*~d;22O
zk<J2t`*tf9Z*AMvUfdq*njX~mZ&Ty3q;zMW)IYlL?ABB8vYg%2NZuMZt4?k>T+eB(
zZ`{F8Ilth_ae<S+d*taKd?1WCaRJtMkZJnHwLbcW2?7v+00bZa0SH`9fqSoEKf$C*
zjT7II(W6aYX<A*!_|4~S#Z)y-mfY-^O&zT&v>hW<KA6sZ`aIvFxzDWb7RkzON(73@
zVqqj)Ftf>Qfwm_C^NIo5wiqcCa^YamPK}u3NxNk{lgeARHC$*(S>wSeJ1B%gS}>#p
zGifth$P}i7r8Y{?X`VQ>MbhJ$EdAI!;52e*eWk6<w^*EYHU##%8Z_q=nP1sy-psCj
zFp$jUc9?mm%@YV`i(_M(0%KMx>1?y~UCPc6_gkZ8WpS!#7cAQLauy%D_ZrVR7h@eG
zf?w8)@qBIIN>fPETQ1Z*4yi4Itg3>n;bL4-7vs!GL-}H4d`I>=zZrdXwDoFf*3bV;
z*By|VZ+xE<b(vqZ;EG!rZSAY__a6NNzt#C8Uyci~59}b{V?Vg5)Q?~jLr#;s$)?Ns
zF#vT#00Izz00bZa0SG_<0uX=z1XhN?wnqPe;pziWOE9n;Iyq0|n7t(R%?JNHBHcgt
z_=B~?hp7B*j(#~VV7H&@d1}vNqougONrs#ur^rcX4NMS#00bZa0SG_<0uX=z1Rwwb
z2z-PB8@zsZ6yjnLhQ(HO1rOGG{qEQSJ)S6iRmL4;uiKJ&?%u7NOK|~>Aup2|qJ4x%
zjZHxS0uX=z1Rwwb2tWV=5P$##R)9c9BORQ>_3S{My)oQ9&e;FEE?2WZNcYR#?q6)b
F{s-4MHYNZ7

delta 8990
zcmeI1c~}%z62OOJhG95*5JeF|R8$ZedZxRldq9*q735MtBmo3TA}R_7IYh&u5@jVT
z3S>N@vL5kBRB%|HXiN|^;t3iM6E8gQJ|JpD@z@?|#^=gzNWNsh{q|eFkADh&uj*C3
zs(SVMW}&LJ*_EcUcndh_m3|zKkfZyl8@=q|Lk+pEHdTJbp>THwBQk*H52cw)&L@T{
z3bV0+W#P9FVHa@ygPpg1R&R*b1`GK@z0}XR)%&|#4=-)J<4pv^97Q5eOynuT-3biC
z39;A}!#pwUpOvh-SUF?I`A~^A8-vzz=d5;lHGO>wqrphn$C!bPyObC0SyR^WAnua3
zG#CPmEH{21{iuJX&Q|S>7|2+E>iB|^l;JMg<|OF<=QjHFi&|!Br)|%Mq>GldXZ$$j
z{m-?+<$R%4mqtyKp`@;F*>Qn(ywFhC#{~A#j`quYcA0w})B2P_#Fs0=<}C2J7se8%
zFtI5p?MzHX!yawYDM<6Zk(KRU-vn>z+^`u8aF;tjs|XsgLR-=XshF~6-$XKw*UqZ2
zfQjC*E$JNVjvJuf$^b(8t;=ed8W}o>MGzQK$7P<`oL~Q_LJSjzC1-!WoM$kFC9Gf~
z!@{A+rfm3AfK7mr$*qnU(UIH1BGxc+w|qr>a+UTfi20a7^an?xeQ-GT&=3ryFM!3?
z$s2M<pGyu01uI|$k<P^@K6c_BVHNa+6%^)V9vjwA8w#p+!^k<iPqahs`DL((EsSKF
zx0U6c+~EsaPs7NT>=92BhKDX>5jz->+KvK$pE^4gI6j1tM=iDkx0k4#Si~MiVy;?6
zMf(r41HsmYP(+T`*loTOZnl<12EvH@+WKpL<2_D*Y#c@uo~4fK_i-n)$RHT$oy!|=
zzuct~l!m}asNpv&YjD{-78wE~HI})d4{mQf1e%j!<WlD6!Upi1Vv(URvZiuV{y^@d
zHXtm55nkbyCF{p8DP)o1FcNg4@}Py?0B_(^4kHVX@;P%F43@Eo3yhQ<S^eC~E_)kD
zYJd?f`gQtuH3C-_afJ~V+<~ZGUq*tGM=;V)Nw&7ueKwUvP#BR8Ta~b@$mueu?`;Id
zr76)be)RfG1&esVNCt1prb_DBjtUYc7C8nr2O*m8SV9C7mfM5QheuVe0$3P~<aynl
zRJne@ITpcT<V7OYdtkJ1Gl)rH5Phb|5AMr9oP9nGr02q7`V6@;V@3QaP*4mj5IUT?
z7P8R6npHr-3a-}l#YP>P5e2IL4kM{+z8D$#%q@sTq%cymwy<``XCbDbwGl>&O!^h=
zwcFbj5ic0Q8lT3T-94%iIQ{}7NZP@>8zxq7VYPU}$d`Q@+Z%?F2SBimF%*%-B?FZJ
z8C%05qhTcaP+CD-_;n^zBrx)|<Ipd5HT2D55gCkpkdxp%eoXvRP&yGt94i_hHGP}Y
z6%qxE?20j{ay{Om0?nx~av9(0zt?SW6RSl9BQe*%pHyscunY(_FcQFb+ca&#+GG|P
z10!n-Oj@fvi<nFSFyb2#_&fxS+{GfkFfyPjbjg)PCAUCQ6O8a@TZhuQAxl|g9E?PH
zd?A|X@pA_#c>*JWmKEEcJd<D0Av~d#e^&#XHB;@ejgw{$>ics4eQWOnYjH7t{#Ag1
z^I&juI9G!>Nii{|lE~$#QYDe0gq$Q$8W)RDnOaQAWjIZU<Z8{SW&|Gr-5p2?Mu<p~
zS=I(#dY=8}hPG$VeJW_~d1PcyR%Yn2%&&e=hC4=mRHHDg14$S7%oXFUHnQV<TVVwL
zA{$_nxC@aXB#sdZxm=23azcy}Dol#XML3CyF+xpIgj7k8n#*ZCS501j6Z`IsXYO2Y
z?px(2DnEUsCW|_a@4@Oc1M5PrH$HsQ+>>|K{eXd(bS_jLToO~B-Kgfrfb=EY1Y`(f
zC?*lf#3&_}%25I%F_ad|#VAh5NQpwEl9Q57yMN;ItjE3UbTKBDpcujI^UYn3jfeg&
z*9+cQ%JO^CyK<7(xv?Io*KO>rB%2j!emZZ7`ZQ?0Xxf2j#<}n;^u@1N=ydyjoTL~~
zwFlmG*~ODz9jlftW&^2)4QlKA?Anbw&M%<#ER1YTaqtP;K1~Yvw_x$rrKP=g*FPx-
zj!(IpEuGX#Ijx}7GE^nQL@1$DP^eUlNl=oY<rpr(Nd+#}EKldfpzr$U-?&cWFqdcZ
zpO4LeYax$T3tr}f`u-+b<inn9&TzO<nCb6{;!`ShW=JpLFc56ZgN`TXLhH+<O>`KD
zcY($3elKo0ob;4~Y$+`M;8KCtw(Ox#02Xb!5z$~~d~?l%BfJRxd1$rfI<IgDmw?g;
zn5#-TZ+mUatu>%_8t)eiCtQk)DH%?nA{C*~MG-?~G6{|<nZr$~RZ=-FQ|h8PLSvrJ
zbNG#+T;^+H^IvpM!hX|1>^_H=WgPcC@Z9{UfXO2x<WmmvDJZzjn~!8U8-*G4#F<9A
zfBfT*mu`^g>PO|<N8ddYr8oiF^WKX5s@!r3KGzWlSHohnEnA-ot%pqqNw;*v<XZ*e
z+m>L5JKGO&fzMtT0qb%aQ?}-1gGomj@qjM9hyUh9MmO!5uN$@u5gQJ&6tU5cFB2dh
z$%cZkK>>U|Q_T3Z5?9eoc|~Qkibe^AnnvX^CDZmqN-?G&<Pw=gbMae&n_oBORVo(a
zBtaw_yjiX%&8??xbCE+#zptaJeF1ICV~RizELFTN0zI*T@yS~ac2C))qR7BY383T|
z<3qbHAGQe3q_-4|b9?PW%bz&NOiS%-$2v>T9HF5#<3ncBdObQY%juk{#>8?;C8C*I
zf{Z{3sfxKYh-o=0#VM&wgkuVcOs&cCG!bcD+M3wFO^kJAj?kc+WqZ(ce^X1pm_MP&
zz;@;5UDdS*R=;*^5A1lS`8$7TcwsIzs21EDVZs+Wb~)DT`pkABBjAqCvBnlk4iafu
zY;oN}sWlK07DUcKV+-90?bF9p5v230S|z7xOo=LJ70HxEkqnh#Y9&gk2@I#DQkg_9
z(fM_R#=p|U3NDMRU%TsY?4LBvW0|tplUnh=Qh4A00}AgBI(Bh!d2F(-@ERjgOyNb&
zBD;_%roaSrR^Oh)%=phK(<6V+HDG1!55bykc5;Bd&m2^J-zJwfK6KicUkAp{fW@^(
zTH=qa^!p6N%!9=ZYp9yu)s3wneJLz98Wnw}=FoKkC|JXY2X`fbTb;b&hXa;eT@rB3
zv-C+|p2eiWOmiYf&ef%X0Y!DD0U;8pah#-3T8&f86<NYmZM9m0DhN!b6ytIUp%Q5(
z?=gv<3Pt$WGoZ7z{y*o~2Viz+=&oe2fBGGl;wUI0zpkMB%g!mAyGHjpf1Rq!IW9uz
za*ohv-Qdow>&X$}zP|JHprrn`^!#&g>DPBBTy-8(WdhC~gEK4frd9psB)2@!dJYzU
zc+j?mb~kSV{JXH&Z6f`pYkT}j;P@OCJ1x%JS)BMR3()3#zHmradTt!t%V*21Rld6P
z<eAk&>1hU*-{bE$BXZn$uM>38pw0x9U}_PGD@3SNL@|#B%<RQnrkG2BoTNz+#e7u|
z(?n;VTI9@k_+450|B~>((uODh0VUz11L6&yGagHHC4q;Sb(RD(eNlK~smU5)!p-Wz
zvE=EB!k<(<vVLWv{gZ|;#wVSrEFjmtYA?wgPF*Yk*&~@0*LU~wiX_$gS>8jzN`F{f
z``(d+&_z-EKxrf_j<G4;b5c260csOqad6W}%bN%D@<8)^SR7j#lsY5=y$9O!`OHKb
zFeXEmm_mh23m%`Wl8m282gOaFBlGrlPl*Ui4DgkI;NcM$IL`mQ6xWDxt{<m~rzFpj
z1*eOZV}q5x7(GLkkRBT6t-zGbn*c?kDq2@yM9kBqlwyWAB|(cRCB+P564|?ri*U!q
z_Lzhsb&u+N=2t(PF7@maSUYdV3m{wzo4(U4C&e?j2!MJ=GiC^V>x0VQ0#94qmW?R}
zKKo$=xBO@l=HIu8Mc(?La{6V4yhHw6tb6o=oKKlOJX<|&#5LV}R|BGne8DI5foc2R
zETm&Y)6byf1^-jathvf*!4o_JgZ%N>AbNtFnWo}h)5kN;o9mb68W9}gD-NaKi}gzh
zO^XW}6E<r?;Isg2R>W+DY+67BE(ys<nK6g<rfEv7U@9>xBBadqiBc+2sZ=FJ#Y!bD
zV&+|%R1n=ck07`dMM_A`c5~B@|2yNTJ+>nEzJ+6G=R~KOVQ(6yccrqrKD{u(>LsYR
zH-)@^`@pt`Z4Sq>LF+Y(t%#<;+cZXxgco17obPb(cEu=|_^$c*(Q}66a@~x~oC;^=
z9O>V9>;CfN(TQ!^SGxBv=tIb<cC(KTzkEE&0>oyT9z`_PnWo-)Ek8GSxmV^7r$J06
ztVSH(vTtHmWF1KVtLc5@%?mZ*PLMc3N_AhWEa5|3G>-Ei%XwZ9C|C!t<Fm-?mD{*|
z0Bqd}i~Woy)E#<U69%fjg~jw?&My0XC(U$XW^)pFbIW3zZg%W7UaEWNg*<5Ff-blM
zR?h|e2c`u`FMT=J8>;EQ&eXpL8z|g3%4hPUa0EEMg4h2LeH^!c46b4$)a)R56QLXX
z<NfEgltzN!fda^+Pg<|JYvLMHLA;0HU-_;-?7K!HG}pNA{I5XvXn37KFOLgXtHrli
zZ}`LBFt<6p@X*T=Cr~;WM#}foHSt3iCxhBVK_+7Rt~X{Ga0dm1DLUJCWRSo~6EIp}
z+P!<;vN7QCkM{$LKKTYTXTb`8+E>5)hvwVESof5yhurh^@w)ib%G4krEP;`T-1Z$i
z&GPMmbE&|xTN@2KZDc;|xN7=m3Eck3eR#EZcr~qvoeg}dV58P^BDUX?-#GzVZy<9J
d4HIT3P3t8=l0HxT=Ttcc-I#u0OH#8y_z&dcZa4q{

diff --git a/src/CodeBeam.UltimateAuth.Core/Abstractions/Issuers/ISessionIssuer.cs b/src/CodeBeam.UltimateAuth.Core/Abstractions/Issuers/ISessionIssuer.cs
index db00ab92..6d11566f 100644
--- a/src/CodeBeam.UltimateAuth.Core/Abstractions/Issuers/ISessionIssuer.cs
+++ b/src/CodeBeam.UltimateAuth.Core/Abstractions/Issuers/ISessionIssuer.cs
@@ -17,4 +17,8 @@ public interface ISessionIssuer
     Task RevokeAllChainsAsync(TenantKey tenant, UserKey userKey, SessionChainId? exceptChainId, DateTimeOffset at, CancellationToken ct = default);
 
     Task RevokeRootAsync(TenantKey tenant, UserKey userKey, DateTimeOffset at,CancellationToken ct = default);
+
+    Task<SessionChainId?> GetChainIdBySessionAsync(TenantKey tenant, AuthSessionId sessionId, CancellationToken ct = default);
+
+    Task<bool> LogoutChainAsync(TenantKey tenant, SessionChainId chainId, DateTimeOffset at, CancellationToken ct = default);
 }
diff --git a/src/CodeBeam.UltimateAuth.Core/Domain/Session/UAuthSessionChain.cs b/src/CodeBeam.UltimateAuth.Core/Domain/Session/UAuthSessionChain.cs
index e211cf04..04ac32cc 100644
--- a/src/CodeBeam.UltimateAuth.Core/Domain/Session/UAuthSessionChain.cs
+++ b/src/CodeBeam.UltimateAuth.Core/Domain/Session/UAuthSessionChain.cs
@@ -24,6 +24,7 @@ public sealed class UAuthSessionChain : IVersionedEntity
     public long Version { get; set; }
 
 
+    public bool IsActive => ActiveSessionId is not null;
     public bool IsRevoked => RevokedAt is not null;
     public SessionChainState State => IsRevoked ? SessionChainState.Revoked : ActiveSessionId is null ? SessionChainState.Passive : SessionChainState.Active;
 
diff --git a/src/CodeBeam.UltimateAuth.Server/Infrastructure/Issuers/UAuthSessionIssuer.cs b/src/CodeBeam.UltimateAuth.Server/Infrastructure/Issuers/UAuthSessionIssuer.cs
index 38cf330d..7c0c35e0 100644
--- a/src/CodeBeam.UltimateAuth.Server/Infrastructure/Issuers/UAuthSessionIssuer.cs
+++ b/src/CodeBeam.UltimateAuth.Server/Infrastructure/Issuers/UAuthSessionIssuer.cs
@@ -293,4 +293,27 @@ await kernel.ExecuteAsync(async _ =>
             await kernel.RevokeRootCascadeAsync(userKey, at);
         }, ct);
     }
+
+    public async Task<SessionChainId?> GetChainIdBySessionAsync(TenantKey tenant, AuthSessionId sessionId, CancellationToken ct = default)
+    {
+        var kernel = _storeFactory.Create(tenant);
+        return await kernel.ExecuteAsync(innerCt => kernel.GetChainIdBySessionAsync(sessionId, innerCt), ct);
+    }
+
+    public async Task<bool> LogoutChainAsync(TenantKey tenant, SessionChainId chainId, DateTimeOffset at, CancellationToken ct = default)
+    {
+        var kernel = _storeFactory.Create(tenant);
+
+        return await kernel.ExecuteAsync(async innerCt =>
+        {
+            var chain = await kernel.GetChainAsync(chainId, innerCt);
+
+            if (chain is null || chain.IsRevoked)
+                return false;
+
+            await kernel.LogoutChainAsync(chainId, at, innerCt);
+
+            return true;
+        }, ct);
+    }
 }
diff --git a/src/CodeBeam.UltimateAuth.Server/Infrastructure/Orchestrator/LogoutChainBySessionCommand.cs b/src/CodeBeam.UltimateAuth.Server/Infrastructure/Orchestrator/LogoutChainBySessionCommand.cs
new file mode 100644
index 00000000..62ea3e68
--- /dev/null
+++ b/src/CodeBeam.UltimateAuth.Server/Infrastructure/Orchestrator/LogoutChainBySessionCommand.cs
@@ -0,0 +1,20 @@
+using CodeBeam.UltimateAuth.Core.Abstractions;
+using CodeBeam.UltimateAuth.Core.Contracts;
+using CodeBeam.UltimateAuth.Core.Domain;
+
+namespace CodeBeam.UltimateAuth.Server.Infrastructure;
+
+internal sealed record LogoutChainBySessionCommand(AuthSessionId SessionId) : ISessionCommand<bool>
+{
+    public async Task<bool> ExecuteAsync(AuthContext context, ISessionIssuer issuer, CancellationToken ct)
+    {
+        var chainId = await issuer.GetChainIdBySessionAsync(context.Tenant, SessionId, ct);
+
+        if (chainId is null)
+            return false;
+
+        await issuer.LogoutChainAsync(context.Tenant, chainId.Value, context.At, ct);
+
+        return true;
+    }
+}
diff --git a/src/CodeBeam.UltimateAuth.Server/Services/UAuthFlowService.cs b/src/CodeBeam.UltimateAuth.Server/Services/UAuthFlowService.cs
index 95b91315..85011c70 100644
--- a/src/CodeBeam.UltimateAuth.Server/Services/UAuthFlowService.cs
+++ b/src/CodeBeam.UltimateAuth.Server/Services/UAuthFlowService.cs
@@ -76,7 +76,7 @@ public async Task LogoutAsync(LogoutRequest request, CancellationToken ct = defa
         var now = _clock.UtcNow;
         var authContext = authFlow.ToAuthContext(now);
 
-        var revoked = await _orchestrator.ExecuteAsync(authContext, new RevokeSessionCommand(request.SessionId), ct);
+        var revoked = await _orchestrator.ExecuteAsync(authContext, new LogoutChainBySessionCommand(request.SessionId), ct);
 
         if (!revoked)
             return;
diff --git a/tests/CodeBeam.UltimateAuth.Tests.Integration/LogoutTests.cs b/tests/CodeBeam.UltimateAuth.Tests.Integration/LogoutTests.cs
new file mode 100644
index 00000000..436b300c
--- /dev/null
+++ b/tests/CodeBeam.UltimateAuth.Tests.Integration/LogoutTests.cs
@@ -0,0 +1,270 @@
+using CodeBeam.UltimateAuth.Core.Contracts;
+using CodeBeam.UltimateAuth.Users.Contracts;
+using FluentAssertions;
+using Microsoft.AspNetCore.Mvc.Testing;
+using System.Net;
+using System.Net.Http.Json;
+
+namespace CodeBeam.UltimateAuth.Tests.Integration;
+
+public class LogoutTests : IClassFixture<AuthServerFactory>
+{
+    private readonly HttpClient _client;
+    AuthServerFactory _factory;
+
+    public LogoutTests(AuthServerFactory factory)
+    {
+        _factory = factory;
+
+        _client = factory.CreateClient(new WebApplicationFactoryClientOptions
+        {
+            AllowAutoRedirect = false,
+            HandleCookies = false
+        });
+
+        _client.DefaultRequestHeaders.Add("Origin", "https://localhost:6130");
+        _client.DefaultRequestHeaders.Add("X-UDID", "test-device-1234567890123456");
+    }
+
+    [Fact]
+    public async Task Logout_Should_Invalidate_Session_And_Cookie()
+    {
+        var loginResponse = await _client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        var cookie = loginResponse.Headers.GetValues("Set-Cookie").First();
+
+        _client.DefaultRequestHeaders.Add("Cookie", cookie);
+
+        var logoutResponse = await _client.PostAsync("/auth/logout", null);
+        logoutResponse.StatusCode.Should().Be(HttpStatusCode.Found);
+
+        var meResponse = await _client.PostAsync("/auth/me/profile/get", null);
+
+        meResponse.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
+    }
+
+    [Fact]
+    public async Task Logout_Should_Detach_Chain_And_Reattach_On_Next_Login()
+    {
+        var loginResponse1 = await _client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        loginResponse1.StatusCode.Should().Be(HttpStatusCode.Found);
+
+        var cookie1 = loginResponse1.Headers.GetValues("Set-Cookie").First();
+        cookie1.Should().NotBeNullOrWhiteSpace();
+
+        _client.DefaultRequestHeaders.Remove("Cookie");
+        _client.DefaultRequestHeaders.Add("Cookie", cookie1);
+
+        var logoutResponse = await _client.PostAsync("/auth/logout", null);
+        logoutResponse.StatusCode.Should().Be(HttpStatusCode.Found);
+
+        var unauthorizedChainsResponse = await _client.PostAsJsonAsync(
+            "/auth/me/sessions/chains",
+            new PageRequest());
+
+        unauthorizedChainsResponse.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
+
+        _client.DefaultRequestHeaders.Remove("Cookie");
+
+        var loginResponse2 = await _client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        loginResponse2.StatusCode.Should().Be(HttpStatusCode.Found);
+
+        var cookie2 = loginResponse2.Headers.GetValues("Set-Cookie").First();
+        cookie2.Should().NotBeNullOrWhiteSpace();
+
+        _client.DefaultRequestHeaders.Add("Cookie", cookie2);
+
+        var chainsResponse = await _client.PostAsJsonAsync(
+            "/auth/me/sessions/chains",
+            new PageRequest
+            {
+                PageNumber = 1,
+                PageSize = 50
+            });
+
+        chainsResponse.StatusCode.Should().Be(HttpStatusCode.OK);
+
+        var page = await chainsResponse.Content.ReadFromJsonAsync<PagedResult<SessionChainSummary>>();
+        page.Should().NotBeNull();
+        page!.Items.Should().NotBeEmpty();
+
+        var currentDeviceChains = page.Items.Where(x => x.IsCurrentDevice).ToList();
+        currentDeviceChains.Should().HaveCount(1);
+
+        var current = currentDeviceChains.Single();
+        current.ActiveSessionId.Should().NotBeNull();
+        current.IsRevoked.Should().BeFalse();
+    }
+
+    [Fact]
+    public async Task Logout_From_One_Device_Should_Not_Affect_Other_Device()
+    {
+        var client1 = CreateClient("device-111111111111111111111111111111111111111111111111111111111111111");
+
+        var login1 = await client1.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        var cookie1 = login1.Headers.GetValues("Set-Cookie").First();
+        client1.DefaultRequestHeaders.Add("Cookie", cookie1);
+
+        var client2 = CreateClient("device-2222222222222222222222222222222222222222222222222222222222222222");
+
+        var login2 = await client2.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        var cookie2 = login2.Headers.GetValues("Set-Cookie").First();
+        client2.DefaultRequestHeaders.Add("Cookie", cookie2);
+
+        await client1.PostAsync("/auth/logout", null);
+
+        var me1 = await client1.PostAsJsonAsync("/auth/me/profile/get", new GetProfileRequest() { ProfileKey = ProfileKey.Default });
+        me1.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
+
+        var me2 = await client2.PostAsJsonAsync("/auth/me/profile/get", new GetProfileRequest() { ProfileKey = ProfileKey.Default });
+        me2.StatusCode.Should().Be(HttpStatusCode.OK);
+    }
+
+    [Fact]
+    public async Task Logout_Should_Not_Revoke_Chain()
+    {
+        var login = await _client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        var cookie = login.Headers.GetValues("Set-Cookie").First();
+        _client.DefaultRequestHeaders.Add("Cookie", cookie);
+
+        await _client.PostAsync("/auth/logout", null);
+
+        _client.DefaultRequestHeaders.Remove("Cookie");
+
+        var login2 = await _client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        var cookie2 = login2.Headers.GetValues("Set-Cookie").First();
+        _client.DefaultRequestHeaders.Add("Cookie", cookie2);
+
+        var chainsResponse = await _client.PostAsJsonAsync("/auth/me/sessions/chains", new PageRequest());
+        var page = await chainsResponse.Content.ReadFromJsonAsync<PagedResult<SessionChainSummary>>();
+
+        page!.Items.Should().Contain(x => x.IsCurrentDevice);
+
+        var chain = page.Items.Single();
+
+        chain.IsRevoked.Should().BeFalse();
+    }
+
+    [Fact]
+    public async Task Logout_Should_Clear_Only_Current_Chain()
+    {
+        var client1 = CreateClient("device-111111111111111111111111111111111111111111111111111111111");
+        var client2 = CreateClient("device-222222222222222222222222222222222222222222222222222222222");
+
+        var cookie1 = await LoginAndGetCookie(client1);
+        var cookie2 = await LoginAndGetCookie(client2);
+
+        client1.DefaultRequestHeaders.Add("Cookie", cookie1);
+        client2.DefaultRequestHeaders.Add("Cookie", cookie2);
+
+        await client1.PostAsync("/auth/logout", null);
+
+        var chainsResponse = await client2.PostAsJsonAsync("/auth/me/sessions/chains", new PageRequest());
+        var page = await chainsResponse.Content.ReadFromJsonAsync<PagedResult<SessionChainSummary>>();
+
+        page!.Items.Count(x => x.ActiveSessionId != null).Should().Be(1);
+
+        var device2Chain = page.Items.First(x => x.IsCurrentDevice);
+
+        device2Chain.ActiveSessionId.Should().NotBeNull();
+    }
+
+    [Fact]
+    public async Task Logout_Should_Delete_Cookie()
+    {
+        var login = await _client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        var cookie = login.Headers.GetValues("Set-Cookie").First();
+        _client.DefaultRequestHeaders.Add("Cookie", cookie);
+
+        var logout = await _client.PostAsync("/auth/logout", null);
+
+        logout.Headers.TryGetValues("Set-Cookie", out var cookies).Should().BeTrue();
+
+        var logoutCookie = cookies!.First();
+
+        logoutCookie.Should().Contain("expires=");
+    }
+
+    [Fact]
+    public async Task Logout_Twice_Should_Be_Idempotent()
+    {
+        var loginResponse = await _client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        var cookie = loginResponse.Headers.GetValues("Set-Cookie").First();
+        _client.DefaultRequestHeaders.Add("Cookie", cookie);
+
+        var first = await _client.PostAsync("/auth/logout", null);
+        var second = await _client.PostAsync("/auth/logout", null);
+
+        second.StatusCode.Should().BeOneOf(HttpStatusCode.Unauthorized, HttpStatusCode.Found);
+    }
+
+
+    private HttpClient CreateClient(string deviceId)
+    {
+        var client = _factory.CreateClient(new WebApplicationFactoryClientOptions
+        {
+            AllowAutoRedirect = false,
+            HandleCookies = false
+        });
+
+        client.DefaultRequestHeaders.Add("Origin", "https://localhost:6130");
+        client.DefaultRequestHeaders.Add("X-UDID", deviceId);
+
+        return client;
+    }
+
+    private async Task<string> LoginAndGetCookie(HttpClient client)
+    {
+        var response = await client.PostAsJsonAsync("/auth/login", new
+        {
+            identifier = "admin",
+            secret = "admin"
+        });
+
+        return response.Headers.GetValues("Set-Cookie").First();
+    }
+}