feat: add 'Keep me logged in' checkbox to login form

- index.html: checkbox between password field and login button
- app.js: reads #remember-me and passes rememberMe in POST body
- auth.js: rememberMe=true sets 30-day maxAge; false = session cookie
  (expires when browser closes)
- style.css: .form-group--checkbox and .checkbox-label styles

server/routes/auth.js

@@ -34,7 +34,7 @@ const loginLimiter = rateLimit({
 // Authenticate user with Emby
 router.post('/login', loginLimiter, async (req, res) => {
   try {
-    const { username, password } = req.body;
+    const { username, password, rememberMe } = req.body;
     
     console.log(`[Auth] Attempting login for user: ${username}`);
     
@@ -68,15 +68,20 @@ router.post('/login', loginLimiter, async (req, res) => {
     storeToken(user.Id, authData.AccessToken);
     
     // Set authentication cookie (signed when COOKIE_SECRET is set).
+    // rememberMe=true  → persistent cookie, expires in 30 days
+    // rememberMe=false → session cookie, expires when browser closes
     const cookiePayload = JSON.stringify({ id: user.Id, name: user.Name, isAdmin });
     const signed = !!process.env.COOKIE_SECRET;
-    res.cookie('emby_user', cookiePayload, {
+    const cookieOptions = {
       httpOnly: true,
       secure: process.env.NODE_ENV === 'production',
       sameSite: 'strict',
-      signed,
-      maxAge: 24 * 60 * 60 * 1000 // 24 hours
-    });
+      signed
+    };
+    if (rememberMe) {
+      cookieOptions.maxAge = 30 * 24 * 60 * 60 * 1000; // 30 days
+    }
+    res.cookie('emby_user', cookiePayload, cookieOptions);
     
     res.json({
       success: true,