link-based login was scoping cookies to the /login-code path, resulting
in the cookie not being present on any subsequent request and therefore
treating the user as being logged out. explicitly setting the cookie
path to the root URL ("/") fixes this.
link-based login was scoping cookies to the /login-code path, resulting in the cookie not being present on any subsequent request and therefore treating the user as being logged out. explicitly setting the cookie path to the root URL ("/") fixes this.