Expired Pastries

A learning platform hosts several courses with different availability windows. While most content loads normally, one of the more sensitive courses appears unavailable due to its expiration status.

The application relies on session data provided by the client to determine what should be accessible, including time-related information used in access decisions.

Your goal is to understand how the platform tracks session state and determine whether the expiration logic is enforced securely.

 flag format: flag{}