Websocket liveness check

[NHAS]

Currently the moment wag detects a change to the incoming source IP/port of a client they are deauthenticated, and forced to relog in.

This can be frustrating on high churn networks such as mobile networks or folk behind cgnats.

If on the login page we issued a session token that could prove that the client device was still safe, we could omit the deauthenticated and challenge cycle leading to better user experience.

This will most likely be something in 8.1
0