BUG: SSO--expired session causes endless spinner

[mshappe]

Related to #432 , it appears that we DO already have session expiry, after a fashion, but we rarely notice, because if you go to signin.convergence-con.org, you always are prompted to log in regardless of session status. You only notice if you try to go directly to, say, the concom list.

However, for the SSO workflow, an expired session appears to lead to an endless spinner rather than a login prompt. First discovered and mistakenly identified as an Android Chrome bug when first Nadim and then myself tried to login to cvgtest using OAuth and got the endless spinner. An incognito tab worked, however. Then I ran into it on a desktop (my work Mac), eliminating the platform from being the issue.

[AricStewart]

Sessions expire in 24 hours, Refresh tokens (to get a new session) expire in 1 week.
This is no longer an issue with the current code.