Feature description

Please make the duration of the sessions generated by HTTP form login configurable, with the option to never expire.

(Additionally, if an easy change while touching this code: please allow configuring the path for the session cookie, as it currently defaults to / which is incorrect if Syncthing is reverse-proxied with a path)

Problem or use case

I switched from HTTP Basic Authentication to form authentication because I was tired of having to login again everytime I restarted my browser. However, even in this situation, I am still presented with a login form about once per week. I would like to log in exactly once and stay forever logged in unless I explicitly clear my cookies.

Alternatives or workarounds

None.