Drop the ssh key from the information stored in the cookie
Some ssh keys can be very long or some users can have multiple ssh keys,
either can result in a significant amount of data stored in the cookie
and in some cases too much information. If it goes above the limit for
cookie size, the browser will not store the cookie leading to pagure
considering the user is not authenticated.
This then becomes really confusing. The user goes to a page that
requires authentication, they are redirected to the authentication
server, there they log in, they're sent back to pagure that set-ups the
user, they are then redirected to the page they were trying to access in
the first place, but since the cookie didn't stick, pagure considers
them not authenticated and sends them back to the authentication server
and we're entering a loop of redirects between pagure and the
authentication server, neither of which are producing an
error/stacktrace that would give some clues to the admins.
However, it turns out that pagure only uses the ssh key information to
set-up the user on the pagure side right after authentication. So there
is absolutely no need to keep that information in memory or in the
cookie. We can thus, safely, drop that information frome the cookie
which in turns, breaks the issue described above.
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>