pass phrase session length should be configurable with client configuration

[tomholub]

The returned JSON may contain "in_memory_pass_phrase_session_length": 3600 for example. The number is an integer and to be interpreted as amount of seconds a pass phrase session will last. Currently hard-coded as 4 hours.

This mechanism applies only when browser extension is storing pass phrase in-memory. In other words, it does not affect the decision as to where the pass phrase will be stored, that was decided either by user or by FORBID_STORING_PASS_PHRASE. If the pass phrase is stored in storage, whatever the reason for it, this new client configuration will have no effect.

Originally posted by @tomholub in FlowCrypt/flowcrypt-browser#4613 (comment)