[societegenerale] keep the MFA from being reset after 10 minutes
To prevent a MFA reset we need to a) set the TWOFA_DURATION
constant (to 90 days)
so that the state is not automatically reset at STATE_DURATION
minutes ; and b)
prevent the important cookie from being flushed at the start of a session.
Trials and errors determined a cookie whose name starts with NAVID-
to be
responsible for keeping the MFA session.
Cf #708
Note: This MR is based on another MRs !909 (merged), !910 (merged), !911 (merged) which must be merged first, and this one rebased. Thus the "Draft" status.
Edited by Ludovic LANGE