FEATURE: refresh session cookie at most once an hour

This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.

lib/auth/current_user_provider.rb

@@ -16,6 +16,10 @@ class Auth::CurrentUserProvider
     raise NotImplementedError
   end
 
+  # optional interface to be called to refresh cookies etc if needed
+  def refresh_session(user,session,cookies)
+  end
+
   # api has special rights return true if api was detected
   def is_api?
     raise NotImplementedError