feat(session): add session removal endpoint and refactor session management

- Implement new `/sessionMgr/remove` endpoint for superusers to remove sessions
- Refactor session and token management to use sessionTokenMap for better tracking
- Update session cleanup logic to handle both tokens and sessions
- Add documentation for new API endpoint in docs/api.md
- Modify logout handler to use new session removal approach

router.go

@@ -18,6 +18,7 @@ func setupRoutes() {
 	// http.HandleFunc("/userMgr/modify", ModifyUserHandler)
 
 	http.HandleFunc("/sessionMgr/list", ListActiveSessionsHandler)
+	http.HandleFunc("/sessionMgr/remove", RemoveSessionHandler)
 
 	http.HandleFunc("/frpcAct/instanceMgr/create", CreateInstanceHandler)
 	http.HandleFunc("/frpcAct/instanceMgr/list", ListInstancesHandler)