diff --git a/docs/docs/controllers/sessions.md b/docs/docs/controllers/sessions.md
index f13c0dc7..b54886eb 100644
--- a/docs/docs/controllers/sessions.md
+++ b/docs/docs/controllers/sessions.md
@@ -32,11 +32,7 @@ async fn handle(&self, request: &Request) -> Result<Response, Error> {
 All [controllers](index.md) can check for the presence of a valid session:
 
 ```rust
-let session = request.session();
-
-let valid = session
-    .map(|session| !session.expired())
-    .unwrap_or(false);
+let valid = !request.session().expired();
 ```
 
 Unless the session cookie is set and has been encrypted using the correct algorithm and secret key, calling [`session`](https://docs.rs/rwf/latest/rwf/http/request/struct.Request.html#method.session) will return `None`.
diff --git a/docs/docs/controllers/websockets.md b/docs/docs/controllers/websockets.md
index 2d1ab64c..412e794b 100644
--- a/docs/docs/controllers/websockets.md
+++ b/docs/docs/controllers/websockets.md
@@ -95,11 +95,10 @@ to send a [`Message`](https://docs.rs/rwf/latest/rwf/http/websocket/enum.Message
 All WebSocket clients have a unique [session](sessions.md) identifier. Sending a message to a client only requires that you know their session ID, which you can obtain from the [`Request`](request.md), for example:
 
 ```rust
-if let Some(session_id) = request.session_id() {
-    let client = Comms::websocket(&session_id);
+let session_id = request.session_id();
+let websocket = Comms::websocket(&session_id);
 
-    client.send("hey there")?;
-}
+websocket.send("hey there")?;
 ```
 
 WebSocket messages can be delivered to any client from anywhere in the application, including [controllers](index.md) and [background jobs](../background-jobs/index.md).
diff --git a/docs/docs/views/turbo/streams.md b/docs/docs/views/turbo/streams.md
index 1db295e7..f60b5117 100644
--- a/docs/docs/views/turbo/streams.md
+++ b/docs/docs/views/turbo/streams.md
@@ -61,21 +61,16 @@ let session_id = request.session_id();
 Once you have the ID, you can send an update directly to that user:
 
 ```rust
-use rwf::prelude::*;
-
-// Not all requests will have a session.
-if let Some(session_id) = session_id {
-    // Create the update.
-    let update = TurboStream::new(r#"
-        <div id="messages">
-            <p>Hi Alice!</p>
-            <p>Hello Bob!</p>
-        </div>
-    "#).action("replace").target("messages");
-
-    // Send it via a WebSocket connection.
-    Comms::websocket(&session_id).send(update)?;
-}
+// Create the update.
+let update = TurboStream::new(r#"
+    <div id="messages">
+        <p>Hi Alice!</p>
+        <p>Hello Bob!</p>
+    </div>
+"#).action("replace").target("messages");
+
+// Send it via a WebSocket connection.
+Comms::websocket(&session_id).send(update)?;
 ```
 
 If you need to send updates to the client from somewhere else besides a controller, e.g. from a [background job](../../background-jobs/index.md), pass the session identifier to that code as an argument. The session identifier is unique and unlikely to change.
diff --git a/examples/turbo/rwf.toml b/examples/turbo/rwf.toml
index 7a0ed431..3feb7072 100644
--- a/examples/turbo/rwf.toml
+++ b/examples/turbo/rwf.toml
@@ -1,5 +1,5 @@
 [general]
-secret_key = "TRtZ2Ww4EeY3xfA82Bo9bNCQbkLiUZmiDO6wOE0W0qw="
+# secret_key = "TRtZ2Ww4EeY3xfA82Bo9bNCQbkLiUZmiDO6wOE0W0qw="
 log_queries = true
 cache_templates = false
 track_requests = true
diff --git a/rwf/src/crypto.rs b/rwf/src/crypto.rs
index 4a522bf7..4824de22 100644
--- a/rwf/src/crypto.rs
+++ b/rwf/src/crypto.rs
@@ -334,7 +334,7 @@ pub fn hash(data: &[u8]) -> Result<String, Error> {
 ///
 /// ```
 /// # use rwf::crypto::{hash, hash_validate};
-/// let hash = hash("password".as_bytes());
+/// let hash = hash("password".as_bytes()).unwrap();
 /// let valid = hash_validate("password".as_bytes(), &hash).unwrap();
 ///
 /// assert!(valid)
diff --git a/rwf/src/http/request.rs b/rwf/src/http/request.rs
index 271667e7..28a4a314 100644
--- a/rwf/src/http/request.rs
+++ b/rwf/src/http/request.rs
@@ -15,7 +15,7 @@ use crate::prelude::ToConnectionRequest;
 use crate::{
     config::get_config,
     controller::{Session, SessionId},
-    model::{ConnectionGuard, Model},
+    model::Model,
     view::ToTemplateValue,
 };
 
@@ -212,9 +212,10 @@ impl Request {
         &self.inner.cookies
     }
 
-    /// Get the session set on the request, if any. While all requests served
-    /// by Rwf should have a session (guest or authenticated), some HTTP clients
-    /// may not send the cookie back (e.g. cURL won't).
+    /// Get the session set on the request, if any.
+    ///
+    /// All Rwf requests will have a session. If a browser doesn't save cookies (e.g. cURL doesn't),
+    /// a new session will be generated for each request.
     pub fn session(&self) -> &Session {
         &self.session
     }