Invalid client sessions after server restart (release/v5.0.0)

[rubensworks]

After the server is restarted, client-side code still thinks that the user is logged in, even if the server-side session has been invalidated.

This causes some inconsistencies, such as the login button disappearing on access-denied pages, like here:

[rubensworks]

This issue is not that urgent anymore, now that #1007 has been merged.

I suggest to either close this, or remove it from the 5.0.0 milestone.

[kjetilk]

OK, good, thanks!