Allow dev to set SameSite, MaxAge, & Secure attributes on cookie

[websocket98765]

• https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#security
• https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
• https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#max-agenumber
• https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#secure

Relevant line in sk-auth:

sk-auth/src/auth.ts

Line 133 in 4bf8cc9

"set-cookie": `svelteauthjwt=${jwt}; Path=/; HttpOnly`,

Maybe also relevant? Do JWT and cookie need to be set to the same expiration?

sk-auth/src/auth.ts

Line 100 in 4bf8cc9

expiresIn: this.config?.jwtExpiresIn ?? "30d",

[websocket98765]

Possible solution would be to have add something like this to the config:

cookie: {
   maxAge: 1234,                  // jwtExpires and cookie probably should be set the same automatically
   sameSite: 'Strict',             // 'Lax' is the browser default if unspecified according to Mozilla link above
   secure: dev ? false : true       // defaults to false; dev would use `dev ? true : false` as the value most likely.
}