Issue 9 better feedback on session timeout

Renders the following when the login session times out:

I toyed with the idea of adding a link back to the initiating application, but unfortunately because they first thing that a user hits could either be GCP 2FA, Raven or our app, there's no way for us to get the referrer of the actual application which initiated login. Redirecting to the return url might work in some cases, but may not if applications have a specific path which requires the access_code parameter.

Closes #9 (closed)