Refactor automatic setting of root cookie

* Use existing functions
* Respect “remember me” setting

code/Members/Members.js

@@ -202,19 +202,18 @@ Members.prototype.login_action = function() {
       }
 
       res.message = gettext('Welcome to {0}, {1}. Have fun!', res.handlers.site.getTitle(), user.name);
-
       const location = User.getLocation() || this._parent.href();
 
       // If the requested host is outside of the cookie domain, redirect and login to the root site, too
       if (this._parent !== root && !req.getHeader("Host").includes(app.appsProperties.cookieDomain)) {
-        const token = java.util.UUID.randomUUID();
+        const token = session.data.token = java.util.UUID.randomUUID();
         const digest = session.user.getDigest(token);
-        session.user.setMetadata('rootCookieToken', token);
         res.redirect(
           root.href('cookie')
           + '?digest=' + encodeURIComponent(digest)
           + '&name=' + encodeURIComponent(req.postParams.name)
           + '&location=' + encodeURIComponent(location)
+          + (req.postParams.remember ? '&remember=1' : '')
         );
       }
 

code/Root/Root.js

@@ -371,16 +371,13 @@ Root.prototype.mrtg_action = function() {
 // Login to the root site if Members#login_action() redirects here
 // This way custom domains are getting the default domain cookie, too
 Root.prototype.cookie_action = function() {
-  if (req.data.digest && req.data.name) {
+  if (req.data.name && session.data.token) {
     const user = User.getByName(req.data.name);
-    if (user) {
-      const token = user.getMetadata("rootCookieToken");
-      const digest = user.getDigest(token);
-      if (digest === req.data.digest) {
-        session.login(user);
-        user.deleteMetadata("rootCookieToken");
-      }
-    }
+    User.login({
+      digest: user.getDigest(session.data.token),
+      name: req.data.name,
+      remember: req.data.remember
+    });
   }
   res.redirect(req.data.location || req.data.http_referer || root.href());
 };