securecookie: the value is too long

[willemvd]

In the OpenID Connect provider the id_token is stored in the session because this contains the user information. Storing the session can cause the error "securecookie: the value is too long" when there is a lot of data stored in the id_token field

[willemvd]

We should think of a way to store more information if it doesn't fit in the cookie.
Maybe introduce a new Store which uses disk storage combined with a private key to secure the data?
@markbates Any suggestions?

[markbates]

I wouldn't want to change the default store for a cookie store, as that is easy for most people to get up and running with, plus, this only appears to be a problem with the OpenID provider, as far as I can tell.

Since we're using http://www.gorillatoolkit.org/pkg/sessions it should be easy enough for people to plugin their own session stores if the cookie store isn't working for them.