DTS-STN / secure-client-hub

Beta authenticated client application for accessing benefits
MIT License

Update validation to redirect to login instead #679

Closed krischarbonneau closed 5 months ago

krischarbonneau commented 5 months ago

ADO-216945

Changelog

fix: Changed the fall through else block in the refresh-msca api to 401 instead of 500
feat: Updated validation to instead destroy session cookies and redirect to login
feat: Added a robots.txt that ignores the api folder

Description of proposed changes:

This PR implements the changes that were introduced in #637 as I believe that is a better way of handling validation. I've also changed the fall through else block in the refresh-msca API to return a 401 instead of a 500 at the request of Wayne Paquette as it was flooding the logs and 401 makes more sense anyway. On that note, I've also added a robots.txt that ignores our API folder to cut down on the web crawlers that are no doubt scraping that API route.

What to test for/How to test

  1. Pull in branch
  2. If not running in a Docker container (i.e. just running npm run dev), ensure you have the dev cert in env.crt and change the path in the next-auth config to point to that.
  3. Ensure auth is enabled and type npm run dev
  4. Login
  5. Once on the dashboard, open one of the links in a new tab while keeping the dashboard open
  6. On MSCA, click the sign out button
  7. Switch back to the MSCA-D tab and click anywhere on the page (it may redirect automatically depending on how long you were on the other page due to the visibility change check). You should be redirected to the login page and then to the stream links page.
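
An added sketch of the three changes this PR describes, not code from the PR or the repository: the refresh route's fall-through answering 401, validation that expires the session cookies and redirects to login, and a robots.txt rule for the API folder. `LOGIN_PATH`, the function names, the shape of `upstream` and the robots.txt content are assumptions; the cookie names are the NextAuth v4 defaults and are assumed to be the ones in use.

```javascript
// Added illustration, not secure-client-hub code. LOGIN_PATH, the function names
// and the shape of `upstream` are hypothetical; the cookie names are the
// NextAuth v4 defaults and are assumed to be the ones the app uses.
const LOGIN_PATH = '/auth/login';
const SESSION_COOKIES = ['next-auth.session-token', '__Secure-next-auth.session-token'];
const ROBOTS_TXT = 'User-agent: *\nDisallow: /api/\n'; // constructed sample

// Set-Cookie value that makes the browser drop the named cookie.
function expireCookie(name) {
  const secure = name.startsWith('__Secure-') ? '; Secure' : '';
  return `${name}=; Path=/; Max-Age=0; HttpOnly; SameSite=Lax${secure}`;
}

// Status for the refresh route. `upstream` is the result of asking the identity
// provider whether the session is still alive: { ok: boolean }, or null if no
// usable answer came back.
function refreshStatus(hasToken, upstream) {
  if (hasToken && upstream && upstream.ok === true) return 200;
  // Fall-through: missing token, ended session or unusable answer. The caller
  // is simply not authenticated, so answer 401 rather than logging a 500.
  return 401;
}

// Page-level validation: render when the session is valid, otherwise expire
// the session cookies and send the browser to the login page.
function validatePage(hasToken, upstream) {
  if (refreshStatus(hasToken, upstream) === 200) return { props: {} };
  return {
    setCookie: SESSION_COOKIES.map(expireCookie),
    redirect: { destination: LOGIN_PATH, permanent: false },
  };
}

// Minimal robots.txt check: true if `path` is not covered by a Disallow prefix.
function crawlerAllowed(robotsTxt, path) {
  const rules = robotsTxt.split('\n')
    .map((line) => line.trim().match(/^Disallow:\s*(\S+)/i))
    .filter(Boolean)
    .map((m) => m[1]);
  return !rules.some((prefix) => path.startsWith(prefix));
}
```

robots.txt only asks well-behaved crawlers to stay away; the 401 from the route is what refuses unauthenticated callers.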

github-actions[bot] commented 5 months ago

Integration Deployment :rocket: - Build Status Default Tests Workflow Status Jest Coverage Report Cypress Coverage Report