fix: correctly handle expired JWE's in cookies

[frederikprijck]

📋 Changes

We ensured JWE's expire in #2040 , this has the side-effect that when an expired token hits the API, it would throw a 500 because it can not encrypt the JWE due to the expiration.

Instead of this, it should act as if there is no active session.

📎 References

#2081

🎯 Testing

1. Obtain an expired JWT
2. Hit the Next.js server wired up with the Auth0 middleware
3. Boom, HTTP 500

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 96.07843% with 2 lines in your changes missing coverage. Please review.

Project coverage is 83.02%. Comparing base (0fdcd13) to head (bdac51a).
Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
src/server/session/stateful-session-store.ts	93.75%	1 Missing ⚠️
src/server/session/stateless-session-store.ts	93.75%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2082      +/-   ##
==========================================
+ Coverage   82.66%   83.02%   +0.35%     
==========================================
  Files          21       21              
  Lines        2060     2085      +25     
  Branches      362      371       +9     
==========================================
+ Hits         1703     1731      +28     
+ Misses        350      347       -3     
  Partials        7        7              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.