fix: set etcd user_session ttl to refresh token expiry time

[kristiangronas]

Otherwise the session will already be deleted when you refresh your token, and the token refresh will fail

What is this change?

This makes the user_session etcd lease last as long as the refresh token

Why is this change necessary?

Without it we were seeing errors like this:

{"error":"key /sensu.io/user_sessions/admin/<id> not found",
"level":"info",
"msg":"unexpected error while authorizing refresh token",
"time":"2025-08-18T10:47:20+02:00"}

We also had trouble refreshing the token in the web ui, as a stopgap we increased the access token expiry

Does your change need a Changelog entry?

Yes

Do you need clarification on anything?

Were there any complications while making this change?

Have you reviewed and updated the documentation for this change? Is new documentation required?

No

How did you verify this change?

check the expiry with etcdctl --endpoints localhost:2379 lease timetolive <lease-id> --keys

set a low access token expiry, and wait 6 minutes and try to run a sensuctl command, and see that the token refresh now succeeds

Is this change a patch?

Yes