If a cookie is signed for one purpose, but the server also uses a
differently named signed cookie name for another purpose, then it's
possible for a malicious client to substitute the value of one signed
cookie with the value of another and have it pass the signature check.
Include the name of the cookie when computing the signature so that no
cookies signed for example for "user_session" can be used as a value for
a hypothetical "admin_session" cookie.
Set a max age for the session cookie to prevent it from expiring when
the browser is closed. To prevent the age limit from being being
reached the session cookie is refreshed every time the session is
loaded. This should fix login being lost when the browser is stopped.
Provide a convenient wrapper for setting SHA-256 HMAC signed cookies and
retreiving them with the signature validated. The secret key is
configured in the NUXT_COOKIE_SECRET_KEY environment variable.
