in reply to How to use salt with CGI::Application::Plugin::Authentication
I believe that the purpose of “salt” is that it is a purely random number, passed around along with the salted key and unencrypted. It isn’t stored in any database table anywhere.
“Eve” is left with the salted password and the salt value, and no way to determine the (secret) actual session key to which the web application (alone) is able to convert them. In fact it is possible for the salt value to be constantly changing throughout the session.