Refresh JWT token on API calls

[llamaonduty]

Feature description

JWT tokens are issued when calling POST /authenticate once, and the expiration date is never renewed. This would make the user session expire in one hour after a user logs in. API calls should refresh the JWT token in the response header and the UI should update the cookie so that user session stays active if the user stays active.