TYPO3 Core

Steps to reproduce:

1. Set $GLOBALS['TYPO3_CONF_VARS']['BE']['sessionTimeout'] to 70.
2. Login via /typo3/
3. Wait 60 seconds for the login-refresh-popup to occur
4. Click the "Stay logged in" button
5a Wait 10 seconds and click on a module => A redirect to the login screen will appear
5b Wait another 60 seconds => A password-box will appear because the session has not been updated.

Description:
For unknown reasons the /ajax/login/refresh
route has never been used (all the way back to v6),
to request a session timeout update.

Instead the route /ajax/login/timedout, without the
skipSessionUpdate=1 parameter has been used to
refresh an existing session.

With the introducting of configurable loute parameters
in #81409 this inconsitency wasn't noticed and the
skipSessionUpdate parameter has been moved into the
route-configuration, which meant /ajax/login/timedout was
always called with skipSessionUpdate=1,
even as result of the "Stay logged in" button, where
a session update was intended.

Use the dedicated /ajax/login/refresh route
in order to actually refresh the session.