Extended login: Don't use a $wg config variable, add UserName
CentralAuth needs 'User' as well for this to work. However, this
shows the exact cookie names are an implementation detail that should
not be exposed as a 'wg'.
Instead, use a function in the CookieSessionProvider. That way,
CentralAuth can override it properly without requiring users to change
$wg's.
I also added UserName. provideSessionInfo will fail to return
session info if UserID and UserName are both set and don't match.
Also, the UserID<->UserName mapping is public, so there is no
additional privacy issue. Thus, it seems we should expire them
the same time.
Bug: T68699
Change-Id: Ia3259846433980408f79d44f665e17e15670e8ee