*: rename internally used "state" form value to "req"

"state" means something specific to OAuth2 and SAML so we don't
want to confuse developers who are working on this.

Also don't use "session" which could easily be confused with HTTP
cookies.

web/templates/approval.html

@@ -19,7 +19,7 @@
   <div>
     <div class="form-row">
       <form method="post">
-        <input type="hidden" name="state" value="{{ .State }}"/>
+        <input type="hidden" name="req" value="{{ .AuthReqID }}"/>
         <input type="hidden" name="approval" value="approve">
         <button type="submit" class="btn btn-success">
             <span class="btn-text">Grant Access</span>
@@ -28,7 +28,7 @@
     </div>
     <div class="form-row">
       <form method="post">
-        <input type="hidden" name="state" value="{{ .State }}"/>
+        <input type="hidden" name="req" value="{{ .AuthReqID }}"/>
         <input type="hidden" name="approval" value="rejected">
         <button type="submit" class="btn btn-provider">
             <span class="btn-text">Cancel</span>

web/templates/login.html

@@ -6,7 +6,7 @@
   <div>
     {{ range $c := .Connectors }}
       <div class="form-row">
-        <a href="{{ $c.URL }}?state={{ $.State }}" target="_self">
+        <a href="{{ $c.URL }}?req={{ $.AuthReqID }}" target="_self">
           <button class="btn btn-provider">
             <span class="btn-icon btn-icon-{{ $c.ID }}"></span>
             <span class="btn-text">Log in with {{ $c.Name }}</span>

web/templates/password.html

@@ -15,7 +15,7 @@
       </div>
 	  <input tabindex="2" required id="password" name="password" type="password" class="input-box" placeholder="password" {{ if .Invalid }} autofocus {{ end }}/>
     </div>
-    <input type="hidden" name="state" value="{{ .State }}"/>
+    <input type="hidden" name="req" value="{{ .AuthReqID }}"/>
 
     {{ if .Invalid }}
       <div class="error-box">