fix(app/web): clean session token when expired

Token may expire or be revoked leading in 404 bad credentials errors when a session is still attached to an user.
This error should be caught to automatically revoke the session and make the user use the shared octokit again rather than a custom invalid octokit