Poor behavior when users get logged out but still have pages open

[seanh]

Related: https://github.com/hypothesis/h/issues/8949

Inactive h users get logged out after seven days when their auth ticket expires, whereas active h users get logged out every thirty days when their auth cookie expires.

If a user has a tab open when their ticket or cookie expires and they get logged out, and the user tries to continue using that tab, they'll run into a variety of unhelpful error messages depending on what they try to do (see below).

One way to reproduce this issue is to leave a tab open for at least seven days (or at least thirty days if you remain active in other tabs) then return to the old tab an try to continue using it.

But it's not necessary to leave a tab open for a long time to run into these issues: auth cookies expire every thirty days whether the user is active or not. If a user's auth cookie is 29 days, 23 hours, 59 minutes and 59 seconds old and they open a page for more than a second and then try to click something on the page they'll run into these issue.

Another way to run into this problem is to have multiple tabs open, log out in one tab, and then try to continue using another open tab.

The error message that the user will run into depends on what they try to do. Here's some examples:

Editing their user profile:

Clicking on a link to a page that they need to be logged in to see:

Creating a group: