use string for datetime in session

It seemed to work when testing manually, but both pytest and the django documentation indicate that you can't pass datetimes around as session values.

bookwyrm/views/landing/login.py

@@ -1,5 +1,6 @@
 """ class views for login/register views """
-from datetime import datetime
+import time
+
 from django.contrib.auth import authenticate, login, logout
 from django.contrib.auth.decorators import login_required
 from django.shortcuts import redirect
@@ -56,7 +57,7 @@ class Login(View):
             # if 2fa is set, don't log them in until they enter the right code
             if user.two_factor_auth is True:
                 request.session["2fa_user"] = user.username
-                request.session["2fa_auth_time"] = datetime.now()
+                request.session["2fa_auth_time"] = time.time()
                 return redirect("login-with-2fa")
 
             # otherwise, successful login

bookwyrm/views/preferences/two_factor_auth.py

@@ -103,14 +103,13 @@ class LoginWith2FA(View):
 
     def get(self, request):
         """Display 2FA form"""
-
         data = {"form": forms.Confirm2FAForm()}
         return TemplateResponse(request, "two_factor_auth/two_factor_login.html", data)
 
     def post(self, request):
         """Check 2FA code and allow/disallow login"""
         user = models.User.objects.get(username=request.session["2fa_user"])
-        elapsed_time = datetime.now() - request.session["2fa_auth_time"]
+        elapsed_time = datetime.now() - datetime.fromtimestamp(int(request.session["2fa_auth_time"]))
         form = forms.Confirm2FAForm(request.POST, instance=user)
         # don't allow the login credentials to last too long before completing login
         if elapsed_time > timedelta(seconds=60):