issue: ENG-6358
invalidSessionRecovery is supposed to prevent logout being overriden by old session recovery
See the original diff introducing invalidSessionRecovery: D183
Currently we cross reference the currentUserInfo in state and action payload. But in the new login flow, the currentUserInfo may not be included in the action - and in the future it will definitely not be included.
We will instead check if the current user info is the same as the one the action was called for. This is similar to how PreRequestUserState is used right above for logout, to check if the logout action is not trying to override a newer valid session