feat: add remember me on login, server-side admin checks on member management

Signed-off-by: kjuulh <contact@kjuulh.io>

crates/forage-server/src/auth.rs

@@ -139,15 +139,19 @@ impl FromRequestParts<AppState> for MaybeSession {
 }
 
 /// Build a Set-Cookie header for the session.
-pub fn session_cookie(session_id: &SessionId) -> CookieJar {
-    let cookie = Cookie::build((SESSION_COOKIE, session_id.to_string()))
+/// When `remember` is true, the cookie persists for 30 days; otherwise it is a session cookie.
+pub fn session_cookie(session_id: &SessionId, remember: bool) -> CookieJar {
+    let mut builder = Cookie::build((SESSION_COOKIE, session_id.to_string()))
         .path("/")
         .http_only(true)
         .secure(true)
-        .same_site(axum_extra::extract::cookie::SameSite::Lax)
-        .build();
+        .same_site(axum_extra::extract::cookie::SameSite::Lax);
 
-    CookieJar::new().add(cookie)
+    if remember {
+        builder = builder.max_age(time::Duration::days(30));
+    }
+
+    CookieJar::new().add(builder.build())
 }
 
 /// Validate that a submitted CSRF token matches the session's token.