After successful login, we start a goroutine to handle refreshing the
session token in the background, with session expiry defined in
auth.ExpiryDuration.

To kill the goroutine cleanly at Logout, s.sessionCancelFuncs maintains
a map of did->cancelFunc which we look up and call at logout.

Accounting for this map getting cleared at program end, we restore a
token refresher at the *first* authenticated request using RestoreSessionIfNeeded
in the AuthMiddleware.

we want to enable proper rollback mechanism on knots to eventually

add git as a dep to knotserver

and trims timeline to 50 events now

do we bother with migrations yet?

nearly there; some hardcoded paths need tweaking for push to work

fix issue closing, indicate alpha etc

also setup nixos module

my vision...

The previous cache key was just the path, so files that are often common
across git repos like '.gitignore' etc. show a cached "last commit" time
from another repository. Pretty funny.

This uses the current plumbing.Hash.String():path as the key which
should theoretically be unique to each repository.