feat: custom oauth2 provider

[alexma233]

Custom OAuth2 integration on both frontend and backend.

[paskal]

Thanks a ton! Tested this with GitHub OAuth endpoints on a live instance — works as expected. A few things:

1. built-in provider names aren't reserved (server.go:1023). only email and anonymous are blocked, but AUTH_CUSTOM_NAME=github or AUTH_CUSTOM_NAME=telegram would silently register a competing route. should add the full list: google, github, facebook, yandex, microsoft, patreon, discord, telegram, dev, apple. docs have the same gap — says "should not be email or anonymous" but doesn't mention built-in provider names.

2. user ID hashing uses SHA-256 (server.go:1043) while all built-in providers use SHA-1. no comment explaining the choice. if intentional, add a note — otherwise it'll confuse anyone who switches from custom to a native provider later (IDs won't match, existing comments become disassociated).

3. no happy-path test — only the partial-config error case is covered. worth adding a test that registers a fully configured custom provider and checks it appears in the provider list, similar to TestServerApp_DevMode.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 62.21%. Comparing base (b38d91c) to head (5509b0b).
⚠️ Report is 5 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #2006      +/-   ##
==========================================
+ Coverage   62.17%   62.21%   +0.03%     
==========================================
  Files         132      132              
  Lines        3035     3038       +3     
  Branches      769      772       +3     
==========================================
+ Hits         1887     1890       +3     
+ Misses       1144     1034     -110     
- Partials        4      114     +110     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[janikvonrotz]

I was just checking the docs and was looking for this feature. I would like to authenticate users with Codeberg (Foregejo).

I'll try to test a custom provider with https://remark42.com/docs/contributing/backend/ ...

[alexma233]

@paskal

I’ve addressed the review feedback:

• reserved all built-in provider names
• added a happy-path test
• aligned hashing with built-in providers (SHA-1, with explicit comment + nolint)

Could you please take another look when you have time? Thanks!