🚧(auth) implement first draft of silent login with prompt=None

Add initial naive implementation of silent login functionality using
prompt=None parameter to request OIDC provider to skip login screen and
return proper HTTP error response instead.

Known issue: Homepage flickering occurs when silent login is triggered.
Further investigation and fixes needed to resolve UI state management
during silent authentication attempts.

Author: lebaudantoine

src/backend/impress/settings.py

@@ -467,6 +467,8 @@ class Base(Configuration):
     )
 
     # OIDC - Authorization Code Flow
+    OIDC_AUTHENTICATE_CLASS = "lasuite.oidc_login.views.OIDCAuthenticationRequestView"
+    OIDC_CALLBACK_CLASS = "lasuite.oidc_login.views.OIDCAuthenticationCallbackView"
     OIDC_CREATE_USER = values.BooleanValue(
         default=True,
         environ_name="OIDC_CREATE_USER",

src/frontend/apps/impress/src/features/auth/api/useAuthQuery.tsx

@@ -4,6 +4,7 @@ import { APIError, errorCauses, fetchAPI } from '@/api';
 import { DEFAULT_QUERY_RETRY } from '@/core';
 
 import { User } from './types';
+import {attemptSilentLogin, canAttemptSilentLogin} from "@/features/auth/silentLogin";
 
 /**
  * Asynchronously retrieves the current user's data from the API.
@@ -18,6 +19,10 @@ import { User } from './types';
 export const getMe = async (): Promise<User> => {
   const response = await fetchAPI(`users/me/`);
 
+  if (!response.ok && response.status == 401 && canAttemptSilentLogin()) {
+    attemptSilentLogin(30);
+  }
+
   if (!response.ok) {
     throw new APIError(
       `Couldn't fetch user data: ${response.statusText}`,

src/frontend/apps/impress/src/features/auth/silentLogin.ts

@@ -0,0 +1,35 @@
+import { gotoLogin } from '@/features/auth'
+
+const SILENT_LOGIN_RETRY_KEY = 'silent-login-retry';
+
+const isRetryAllowed = () => {
+  const lastRetryDate = localStorage.getItem(SILENT_LOGIN_RETRY_KEY);
+  if (!lastRetryDate) {
+    return true;
+  }
+  const now = new Date();
+  return now.getTime() > Number(lastRetryDate);
+};
+
+const setNextRetryTime = (retryIntervalInSeconds: number) => {
+  const now = new Date();
+  const nextRetryTime = now.getTime() + retryIntervalInSeconds * 1000;
+  localStorage.setItem(SILENT_LOGIN_RETRY_KEY, String(nextRetryTime));
+};
+
+const initiateSilentLogin = () => {
+  const currentPath = window.location.pathname;
+  gotoLogin(currentPath, true);
+};
+
+export const canAttemptSilentLogin = () => {
+  return isRetryAllowed();
+};
+
+export const attemptSilentLogin = (retryIntervalInSeconds: number) => {
+  if (!isRetryAllowed()) {
+    return;
+  }
+  setNextRetryTime(retryIntervalInSeconds);
+  initiateSilentLogin();
+};

src/frontend/apps/impress/src/features/auth/utils.ts

@@ -3,8 +3,8 @@ import { terminateCrispSession } from '@/services/Crisp';
 
 import { LOGIN_URL, LOGOUT_URL } from './conf';
 
-export const gotoLogin = (returnTo = '/') => {
-  const authenticateUrl = LOGIN_URL + `?returnTo=${backendUrl() + returnTo}`;
+export const gotoLogin = (returnTo = '/', isSilent = false) => {
+  const authenticateUrl = LOGIN_URL + `?silent=${encodeURIComponent(isSilent)}&returnTo=${backendUrl() + returnTo}`;
   window.location.replace(authenticateUrl);
 };