dashboard/app: fix cookie caching and redirects

Set expiration date for the cookie,
otherwise it should be dropped on browser restart.

Use http.StatusFound(302) instead of http.StatusMovedPermanently(301)
for redirects. Browsers can cache 301 redirects, which we don't want.
diff --git a/dashboard/app/app_test.go b/dashboard/app/app_test.go
index ca578eb..a131e40 100644
--- a/dashboard/app/app_test.go
+++ b/dashboard/app/app_test.go
@@ -344,8 +344,8 @@
 	c := NewCtx(t)
 	defer c.Close()
 
-	checkRedirect(c, AccessUser, "/", "/test1", http.StatusMovedPermanently) // redirect to default namespace
-	checkRedirect(c, AccessAdmin, "/", "/admin", http.StatusMovedPermanently)
+	checkRedirect(c, AccessUser, "/", "/test1", http.StatusFound) // redirect to default namespace
+	checkRedirect(c, AccessAdmin, "/", "/admin", http.StatusFound)
 	checkLoginRedirect(c, AccessPublic, "/access-user") // not accessible namespace
 
 	_, err := c.httpRequest("GET", "/access-user", "", AccessUser)
diff --git a/dashboard/app/handler.go b/dashboard/app/handler.go
index 499f7a8..bd62d26 100644
--- a/dashboard/app/handler.go
+++ b/dashboard/app/handler.go
@@ -11,6 +11,7 @@
 	"net/http"
 	"sort"
 	"strings"
+	"time"
 
 	"github.com/google/syzkaller/pkg/html"
 	"golang.org/x/net/context"
@@ -48,7 +49,7 @@
 				return
 			}
 			if redir, ok := err.(ErrRedirect); ok {
-				http.Redirect(w, r, redir.Error(), http.StatusMovedPermanently)
+				http.Redirect(w, r, redir.Error(), http.StatusFound)
 				return
 			}
 			if _, dontlog := err.(ErrDontLog); !dontlog {
@@ -220,8 +221,9 @@
 		return
 	}
 	cookie := &http.Cookie{
-		Name:  cookieName,
-		Value: base64.StdEncoding.EncodeToString(data),
+		Name:    cookieName,
+		Value:   base64.StdEncoding.EncodeToString(data),
+		Expires: time.Now().Add(time.Hour * 24 * 365),
 	}
 	http.SetCookie(w, cookie)
 }
diff --git a/dashboard/app/main.go b/dashboard/app/main.go
index 88bcfce..aad68a0 100644
--- a/dashboard/app/main.go
+++ b/dashboard/app/main.go
@@ -196,7 +196,7 @@
 // handleMain serves main page.
 func handleMain(c context.Context, w http.ResponseWriter, r *http.Request) error {
 	if ns := r.FormValue("fixed"); ns != "" {
-		http.Redirect(w, r, fmt.Sprintf("/%v/fixed", ns), http.StatusMovedPermanently)
+		http.Redirect(w, r, fmt.Sprintf("/%v/fixed", ns), http.StatusFound)
 		return nil
 	}
 	hdr, err := commonHeader(c, r, w, "")