LG-12214: Refresh device cookie on every user event#10606

Merged: aduth merged 4 commits into main from aduth-lg-12214-permanent-device-cookie on May 13, 2024
@aduth aduth commented May 10, 2024

🎫 Ticket

LG-12214

🛠 Summary of changes

Ensures that the "permanent" device cookie is effectively permanent by re-assigning it on each user event.

Additional background from the ticket:

When a user signs in to Login.gov, we set a cookie to uniquely identify that device so that it is remembered for subsequent sign-ins. As seen in the linked code, the cookie is intended to be permanent, which is documented as expiring "in 20 years from now". However, some browsers may impose limits on the duration of cookies. Chrome sets a maximum cookie expiration to 400 days.

Because of this, a user who signs in with the same Chrome device after 400 days will be treated as a new device, thereby triggering new device notifications, and creating a new device entry in the user's account dashboard.

As documented on the same blog post, there are no restrictions which prevent us from refreshing the cookie expiration every time the user signs in. Currently we do not do this, since we only set the cookie if the cookie isn't already set.

📜 Testing Plan

  1. Go to http://localhost:3000
  2. Sign in
  3. Open "Cookies" tab in browser dev tools to see your cookies
  4. Take note of the expiration of the "device" cookie
  5. Sign out
  6. Repeat Steps 2-4
  7. Observe that the expiration date is extended on your second sign-in

changelog: Bug Fixes, New Device Detection, Extend duration of permanent device cookie on every user event
@aduth aduth marked this pull request as ready for review May 10, 2024 20:31
@aduth aduth changed the title LG-12214: Refresh device cookie on every user action LG-12214: Refresh device cookie on every user event May 10, 2024
@aduth aduth merged commit 441f085 into main May 13, 2024
@aduth aduth deleted the aduth-lg-12214-permanent-device-cookie branch May 13, 2024 12:11
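
Added example, not code from this pull request or the Login.gov code base: a Ruby simulation of the cookie behavior described in the summary above, using a constructed browser model that clamps cookie lifetime to 400 days. `CappedBrowser`, `handle_user_event`, `new_device_count` and the sign-in schedule are hypothetical names and values chosen for illustration.

```ruby
require 'securerandom'

DAY = 24 * 60 * 60
BROWSER_CAP = 400 * DAY          # Chrome's maximum cookie lifetime, per the PR description
REQUESTED_TTL = 20 * 365 * DAY   # "permanent": 20 years from now

# Constructed browser model: stores one cookie and clamps its expiry to the cap.
class CappedBrowser
  def initialize
    @value = nil
    @expires_at = nil
  end

  def set_cookie(value, expires_at, now)
    @value = value
    @expires_at = [expires_at, now + BROWSER_CAP].min
  end

  # Returns the cookie value, or nil once the (clamped) expiry has passed.
  def cookie(now)
    @value if @expires_at && now < @expires_at
  end
end

# Hypothetical server-side handler. refresh: false models the behavior before
# the change (set only when missing); refresh: true re-assigns on every event.
# Returns true when the event is treated as coming from a new device.
def handle_user_event(browser, known_devices, now, refresh:)
  device = browser.cookie(now)
  is_new = !known_devices.include?(device)
  device = SecureRandom.hex(16) if is_new
  known_devices << device if is_new
  browser.set_cookie(device, now + REQUESTED_TTL, now) if is_new || refresh
  is_new
end

# Counts how many sign-ins on the given days were treated as a new device.
def new_device_count(sign_in_days, refresh:)
  browser = CappedBrowser.new
  known = []
  sign_in_days.count { |day| handle_user_event(browser, known, day * DAY, refresh: refresh) }
end

# Constructed schedule: a sign-in every 300 days, spanning well past 400 days.
SCHEDULE = [0, 300, 600, 900]
```

With sign-ins 300 days apart, the set-only-if-missing strategy treats day 600 as a new device, while refreshing on every event never does. A gap longer than 400 days between events still loses the cookie under either strategy.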