feat(policy): support unlimited values in user policies and box expiry

- Update user policy and user update handlers to accept -1 as an unlimited value for MaxDays, DailyBoxes, ActiveBoxes, and ShortWindowRequests.
- Introduce `optionalIntAllowUnlimited` helper and update `optionalMBAllowZero` to support -1.
- Use `boxExpiryLabel` helper across admin, dashboard, and download handlers to properly format expiration dates, supporting boxes that never expire.

backend/libs/handlers/download.go

@@ -78,7 +78,7 @@ func (a *App) DownloadPage(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	expiresLabel := box.ExpiresAt.Format("Jan 2, 2006 15:04 MST")
+	expiresLabel := boxExpiryLabel(box.ExpiresAt, "Jan 2, 2006 15:04 MST")
 	title := "Shared files on Warpbox"
 	description := fmt.Sprintf("%d file%s shared via Warpbox · expires %s", len(box.Files), plural(len(box.Files)), expiresLabel)
 	if locked && box.Obfuscate {
@@ -337,6 +337,21 @@ func unlockCookieName(boxID string) string {
 	return "warpbox_unlock_" + strings.NewReplacer("-", "_", ".", "_").Replace(boxID)
 }
 
+// neverExpires reports whether a box's expiry is far enough out to be treated as
+// "forever" (set via the unlimited / -1 expiry option).
+func neverExpires(t time.Time) bool {
+	return time.Until(t) > 50*365*24*time.Hour
+}
+
+// boxExpiryLabel formats a box's expiry with the given layout, rendering
+// "forever" boxes as "Never" instead of a meaningless far-future date.
+func boxExpiryLabel(t time.Time, layout string) string {
+	if neverExpires(t) {
+		return "Never"
+	}
+	return t.Format(layout)
+}
+
 func absoluteURL(r *http.Request, path string) string {
 	if strings.HasPrefix(path, "http://") || strings.HasPrefix(path, "https://") {
 		return path