fix: replace sessionStorage with session cookie

Because it was found that sessionStorage works differently from session cookie.

packages/npm/@amazeelabs/decap-cms-backend-token-auth/package.json

@@ -46,9 +46,11 @@
   "devDependencies": {
     "@amazeelabs/eslint-config": "1.4.43",
     "@octokit/types": "13.5.0",
+    "@types/js-cookie": "3.0.6",
     "@types/node": "18.19.33",
     "@types/react": "18.3.1",
     "@types/semaphore": "1.1.4",
+    "js-cookie": "3.0.5",
     "typescript": "5.4.5",
     "vitest": "1.6.0"
   },

packages/npm/@amazeelabs/decap-cms-backend-token-auth/src/backend.ts

@@ -1,6 +1,7 @@
 import { TokenAuthClient } from '@amazeelabs/token-auth-middleware';
 import { GitHubBackend } from 'decap-cms-backend-github';
 import { Implementation } from 'decap-cms-lib-util';
+import Cookies from 'js-cookie';
 
 import { AuthComponent } from './ui.js';
 
@@ -55,7 +56,7 @@ export class TokenAuthBackend implements Implementation {
       // Authenticate against the delegate backend.
       await this.delegate.authenticate(status);
       // Let frontend know that user is logged in.
-      sessionStorage.setItem('decap-cms-logged-in', '1');
+      Cookies.set('decap-cms-logged-in', '1');
       // Return status information.
       return {
         ...status,
@@ -81,7 +82,7 @@ export class TokenAuthBackend implements Implementation {
   async logout() {
     await this.client.logout();
     await this.delegate.logout();
-    sessionStorage.removeItem('decap-cms-logged-in');
+    Cookies.remove('decap-cms-logged-in');
   }
 
   /**