Refactored the code to just take in the session from the controller, so we don't have to handle cookies and headers in every service method