cached_db backend doesn't honor expiry time

[Aymeric Augustin]

The expiration time is hardcoded to settings.SESSION_COOKIE_AGE instead of self.get_expiry_age().

This bug report is based upon a code review. I will try to write a test case.

[Aymeric Augustin]

This will be easy to fix for cached_db, and very hard for signed_cookies.

Signed cookies store the date of the signature, and the verification function takes a maximum age. Unfortunately, the maximum age is known when the cookie is signed, not when it's verified. Fixing this problem for signed cookies requires a redesign of the way session expiration is handled, which is covered by #19201.

I'm updating the title to restrict this ticket to cached_db.

[Aymeric Augustin <aymeric.augustin@…>]

In 0fe02feab43aa0f0d0608de85cff7183055e6dd7:

[1.5.x] Fixed #19200 -- Session expiry with cached_db

Also did a little bit of cleanup.

Backport of 04b00b6 from master.

[Aymeric Augustin <aymeric.augustin@…>]

In 04b00b668d0d56c37460cbed19671f4b1b5916c3:

Fixed #19200 -- Session expiry with cached_db

Also did a little bit of cleanup.

[Aymeric Augustin <aymeric.augustin@…>]

In 882c47cd405cfd29194f2e968678a5aa1d6ec75f:

Improved tests introduced in 04b00b6.

These tests are expected to fail for the file session backend because it
doesn't handle expiry properly. They didn't because of an error in the
test setup sequence.

Refs #19200, #18194.

[Aymeric Augustin <aymeric.augustin@…>]

In e6b0ee768c46368a41a5b278180d1d1ecbd3d5c6:

[1.5.x] Improved tests introduced in 04b00b6.

These tests are expected to fail for the file session backend because it
doesn't handle expiry properly. They didn't because of an error in the
test setup sequence.

Refs #19200, #18194.

Backport of 882c47c from master.