Make session cookie last for two weeks to work around iOS bug

Mobile Safari has a tendency to use cached form values even when the
cache control headers tell it otherwise. However the session cookie
has expired so when the form is submitted the CSRF token is invalid.

See rails/rails#21948 for further details.

Fixes #451.

config/initializers/session_store.rb

@@ -1,3 +1,3 @@
 # Be sure to restart your server when you modify this file.
 
-Rails.application.config.session_store :cookie_store, key: '_epets_session'
+Rails.application.config.session_store :cookie_store, key: '_epets_session', expire_after: 2.weeks