A new random session ID is automatically generated whenever a user
goes through the login workflow, and it's then saved to the 'auth'
cookie.

This allows us to call keystore.Open() and keystore.Close() with this
session ID, preventing multiple users logging in from different
browsers to cobble their key storage (as implemented in keystore!32).

Instead of changing the AuthClient interface, we've opted to attach
the session ID to the Context like we do for the Auth object.