This implements optional SSO via OIDC for logging in and signing up (for the first admin sign up or if sign up is allowed). The most requested feature!
Tested with Authentik and Google!
It includes a new `SimpleCache` interface (in-memory, using [`caches`](https://developer.mozilla.org/en-US/docs/Web/API/Window/caches)) for storing the state and code challenges.
Closes#13
* Add TOTP MFA Support
* Add Passkey MFA Support
It's not impossible I missed some minor cleanup, but most things make sense and there isn't a lot of obvious duplication anymore.
---------
Co-authored-by: Bruno Bernardino <me@brunobernardino.com>
* Implement a more robust Config
This moves the configuration variables from the `.env` file to a new `bewcloud.config.ts` file. Note that DB connection and secrets are still in the `.env` file.
This will allow for more reliable and easier personalized configurations, and was a requirement to start working on adding SSO (#13).
For now, `.env`-based config will still be allowed and respected (overriden by `bewcloud.config.ts`), but in the future I'll probably remove it (some major upgrade).
* Update deploy script to also copy the new config file
