sessions: use client-relative session expiration
This commit replaces the server-time based expires
attribute with
max_age
, which is a timedelta relative to the client.
This fixes an issue in the reForis guide, where initial router setup was not possible due to the device's clock being out of sync with the client's.
expires
has not been removed in order to be compatible with older
browsers. Max-Age has precedence over Expires:
https://datatracker.ietf.org/doc/html/rfc6265#section-4.1.2.2
Fixes turris/os/packages#779 (closed)
Closes: #381 (closed)
Signed-off-by: Martin Matějek martin.matejek@nic.cz