mgr/dashboard: validate/fix behaviour of JWT cookie after expiration
Description of problem¶
With the recent change to Secure cookies, it's been observed that the browser cookies need to be manually cleared from time to time (e.g.: after a new dashboard is deployed), so the question is whether the current behaviour is correct: we should verify that with the JWT token expiration (TTL).
This should be tested by setting a very low JWT TTL:
ceph dashboard set-jwt-token-ttl 120 (seconds).
After 2 minutes logged in, the cookie/JWT should expire and the user should be logged of.
The log-in shouldn't require manually deleting the cookie: it should be a regular log-in operation.