Some customers have requested that we allow the default TTL for session tokens to be customizable. Adjusting our native default cannot improve this, as some customers have requested tighter lifetimes for security purposes, whereas others want to extend them for convenience.

We should allow the default to be customizable at the deployment level. We don't need to allow users to pass a TTL in the coder login call, just need to allow administrators to customize the default maximum.