add session based auth workflow

[pmeier]

Closes #158, closes #178, and closes #179. This is a massive PR that completely overhauls our auth flow. The old auth flow had multiple problems detailed in https://github.com/Quansight/ragna/issues/178#issuecomment-2003254762.

With this PR we now have a session based auth workflow that is independent of the UI through the following endpoints:

• GET /login: user defined login page
• POST /login: login endpoint for form-based auth, e.g. username and password
• GET /oauth-callback: login endpoint for OAuth based auth
• GET /logout: logout endpoint to clear the active session

The login endpoints can be configured through the ragna.config.Auth object.

After a successful login we set a session cookie and create an entry for the corresponding user in a key-value-store. With this PR we have support for in-memory and Redis key-value-stores.

Although we don't have a way to display it yet, the auth flow already supports authenticating with an API token, which is generated for each user.

Todo in follow-up PRs:

• documentation
• tests
• automatic handling for refresh tokens when using OAuth
• generic OAuth object

I'm aware that reviewing this is quite the ask. Happy to schedule some time to walk you through any part of the change.