codeigniter4 / shield

Authentication and Authorization for CodeIgniter 4
https://shield.codeigniter.com
MIT License
feat: add magic link force login config #1135

Closed warcooft closed 2 months ago

warcooft commented 3 months ago

Description

This feature provides a config option for developers so that the behavior when checking user sessions in the startLogin function can be easily controlled, so the user does not need to log out to assign a new user session.

We also set the default value in that configuration to false to preserve the previous behavior.

kenjis commented 3 months ago

I submit a magicLink request using the incognito browser, then the magicLink sends an email to my Gmail in the main browser. When opened, it will cause a LogicException because in my main browser I am already logged in.

This could happen rarely. In this case, the CodeIgniter\Shield\Exceptions\LogicException should not happen. But I don't think you should be logged out automatically and logged in with the magic link. Because this scenario is not a normal use case. Showing the message with "you are already logged in as ..." is better?

kenjis commented 3 months ago

This case often occurs when development involves switching accounts with specific roles.

Shield does not have a feature to switch accounts. When you are logged in, if you navigate to login or login/magic-link, you will be redirected.

warcooft commented 3 months ago

I submit a magicLink request using the incognito browser, then the magicLink sends an email to my Gmail in the main browser. When opened, it will cause a LogicException because in my main browser I am already logged in.

This could happen rarely. In this case, the CodeIgniter\Shield\Exceptions\LogicException should not happen. But I don't think you should be logged out automatically and logged in with the magic link. Because this scenario is not a normal use case. Showing the message with "you are already logged in as ..." is better?

I agree, instead of displaying the exception/whoops page.
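
The two non-exception behaviours discussed in this thread (keeping the current session and reporting who is logged in, versus forcing the new login), sketched as an added example that is not part of the pull request or of Shield's code. `verifyMagicLink`, the `$forceLogin` flag, the token store and the session array are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added illustration, not Shield code: every name below is hypothetical.
// $tokens maps sha256(token) => ['user_id' => int, 'expires' => unix time].
// $session stands in for the server-side session of the browser that opened the link.
function verifyMagicLink(string $token, array &$tokens, array &$session, bool $forceLogin, int $now): array
{
    $key     = hash('sha256', $token);
    $record  = $tokens[$key] ?? null;
    $current = $session['user_id'] ?? null;

    if ($record === null || $record['expires'] < $now) {
        return ['action' => 'rejected', 'user_id' => $current];
    }

    if ($current !== null && ! $forceLogin) {
        // Default path: keep the existing session and tell the user who they
        // are logged in as, instead of throwing. The token is left unused
        // (a design choice here) so it still works after an explicit logout.
        return ['action' => 'already_logged_in', 'user_id' => $current];
    }

    unset($tokens[$key]); // magic-link tokens are single use
    // Drop everything tied to the previous identity before assigning the new
    // one; a real application would also regenerate the session ID here.
    $session = ['user_id' => $record['user_id']];

    return ['action' => $current === null ? 'logged_in' : 'switched', 'user_id' => $record['user_id']];
}

// Constructed sample data: user 1 is logged in, the link was issued for user 2.
$now     = 1_700_000_000;
$tokens  = [hash('sha256', 'tok-user2') => ['user_id' => 2, 'expires' => $now + 3600]];
$session = ['user_id' => 1, 'cart' => ['item-a']];

$r = verifyMagicLink('tok-user2', $tokens, $session, false, $now);
printf("force off: %s, session user %d\n", $r['action'], $session['user_id']);

$r = verifyMagicLink('tok-user2', $tokens, $session, true, $now);
printf("force on: %s, session keys: %s\n", $r['action'], implode(',', array_keys($session)));

$r = verifyMagicLink('tok-user2', $tokens, $session, true, $now);
printf("replayed link: %s\n", $r['action']);
```

With the force flag on, whoever opens a link ends up in the account the link was issued for, so the previous session's data has to be cleared and the switch made visible to the user.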