Implement persistent sessions with 30-day expiration

- Move session storage from in-memory to database
- Add Session model and auto-migrate table
- Set session expiration to 30 days
- Add /api/session/verify endpoint for frontend validation
- Add background session cleanup task (hourly)
- Frontend now verifies session validity on page load
- Clear localStorage when session expires

web/static/js/app.js

@@ -4,12 +4,33 @@ let autoRefreshEnabled = false;
 
 // Restore session on page load
 if (sessionId) {
-    document.getElementById('loginSection').style.display = 'none';
-    document.getElementById('dashboard').style.display = 'block';
-    document.getElementById('logoutBtn').style.display = 'block';
-    loadDashboard();
-    loadDHCPConfig();
-    loadDNSConfig();
+    // Verify session is still valid
+    fetch('/api/session/verify', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ session_id: sessionId })
+    })
+    .then(res => res.json())
+    .then(data => {
+        if (data.valid) {
+            document.getElementById('loginSection').style.display = 'none';
+            document.getElementById('dashboard').style.display = 'block';
+            document.getElementById('logoutBtn').style.display = 'block';
+            loadDashboard();
+            loadDHCPConfig();
+            loadDNSConfig();
+        } else {
+            // Session expired, clear and show login
+            localStorage.removeItem('session_id');
+            sessionId = null;
+        }
+    })
+    .catch(err => {
+        console.error('Session verify error:', err);
+        // On error, clear and show login
+        localStorage.removeItem('session_id');
+        sessionId = null;
+    });
 }
 
 // Auto Refresh