
Warn Users when running with `--insecure`

Open bigkevmcd opened this issue 3 years ago • 1 comment

Describe the bug

When TLS is disabled, authentication tokens are transmitted without encryption.

Is this a UI bug or a server bug?

  • [X] UI
  • [X] Server

What is the severity of the bug

Unencrypted Authentication Tokens could be captured.

  • [ ] severity/Critical: Weave GitOps is crashing or experiencing data loss, the UI is inaccessible or a key feature is unusable. There is no known workaround
  • [X] severity/Major: Weave GitOps functionality is broken, there is a workaround, but the workaround requires significant effort
  • [ ] severity/Minor: Weave GitOps functionality is broken, but there is a fairly straightforward workaround
  • [ ] severity/Low: Doesn’t affect primary flow/functionality but would be good to fix

Environment

  • gitops: [e.g. v0.1.0]
  • How you deployed the Weave GitOps server: [e.g. Tilt, Helm Chart, etc]
  • kubernetes: [e.g. 1.20.4]
    • [ ] KinD - version
    • [ ] k3s - version
    • [ ] cloud [e.g., EKS, AKS] version
    • [ ] other - name version
  • Browser + version: [e.g. chrome 74, safari 12, firefox 87]

To Reproduce

Steps to reproduce the behavior:

Expected behavior

Users should be warned that their credentials are not secure when `--insecure` is configured.

Config and Logs

If applicable, add logs to help explain your problem. Please compress the output before attaching.

  • [ ] Logs from the wego-app pod
  • [ ] Events from flux-system namespace (Or the namespace you deployed flux and/or Weave GitOps)
  • [ ] kubectl cluster-info dump
  • [ ] Prometheus alerts
  • [ ] Flux logs

Screenshots

Additional context

bigkevmcd, Apr 20 '22 12:04

Still an issue?

lasomethingsomething, Sep 08 '23 12:09