✨ Implement login authentication module with routes for checking user authentication

Author: pcrespov

services/web/server/src/simcore_service_webserver/login_auth/__init__.py

@@ -0,0 +1,30 @@
+import logging
+
+from aiohttp import web
+from aiohttp.web import RouteTableDef
+from servicelib.aiohttp import status
+
+from .._meta import API_VTAG
+from ..login.decorators import login_required  # FIXME: move this here
+
+_logger = logging.getLogger(__name__)
+
+
+routes = RouteTableDef()
+
+
+@routes.get(f"/{API_VTAG}/auth:check", name="check_auth")
+@login_required
+async def check_auth(request: web.Request) -> web.Response:
+    """Lightweight endpoint for checking if users are authenticated & authorized to this product
+
+    Used primarily by Traefik auth middleware to verify session cookies
+    SEE https://doc.traefik.io/traefik/middlewares/http/forwardauth
+    """
+    # NOTE: for future development
+    # if database access is added here, services like jupyter-math
+    # which load a lot of resources will have a big performance hit
+    # consider caching some properties required by this endpoint or rely on Redis
+    assert request  # nosec
+
+    return web.json_response(status=status.HTTP_204_NO_CONTENT)

services/web/server/src/simcore_service_webserver/login_auth/_controller_rest.py

@@ -0,0 +1,23 @@
+import logging
+
+from aiohttp import web
+from servicelib.aiohttp.application_setup import ModuleCategory, app_module_setup
+
+from ..products.plugin import setup_products
+from ..rest.plugin import setup_rest
+from ..security.plugin import setup_security
+from . import _controller_rest
+
+_logger = logging.getLogger(__name__)
+
+
+@app_module_setup(
+    __name__, ModuleCategory.ADDON, settings_name="WEBSERVER_LOGIN_AUTH", logger=_logger
+)
+def setup_login_auth(app: web.Application):
+
+    setup_products(app)
+    setup_security(app)
+    setup_rest(app)
+
+    app.add_routes(_controller_rest.routes)