Redirect to login on expired legacy session (#4523)

After refactor, it turned out that when the _legacy_ session times out,
the conn is halted but no body is sent. This results in 500 error (`Plug.Conn.NotSentError`).

This PR fixes it by redirecting to login page.

lib/plausible_web/plugs/session_timeout_plug.ex

@@ -18,6 +18,7 @@ defmodule PlausibleWeb.SessionTimeoutPlug do
       user_id && timeout_at && now() > timeout_at ->
         conn
         |> PlausibleWeb.UserAuth.log_out_user()
+        |> Phoenix.Controller.redirect(to: "/login")
         |> halt()
 
       user_id ->

test/plausible_web/plugs/session_timeout_plug_test.exs

@@ -41,5 +41,7 @@ defmodule PlausibleWeb.SessionTimeoutPlugTest do
       |> SessionTimeoutPlug.call(@opts)
 
     assert conn.private[:plug_session_info] == :renew
+    assert conn.halted
+    assert Phoenix.ConnTest.redirected_to(conn, 302) == "/login"
   end
 end