Define a preliminary auth flow for the STAC CRUD UI

[j08lue]

The STAC CRUD web app we are developing is currently relying on the STAC API Transaction Extension to push simple changes to the STAC catalog.

We will soon have protected endpoints for these operations.

• Implement ingress control distinguishing between GET and POST to eoapi/stac/collections #102 (comment)

What (preliminary) flow for authN/authz could we implement in the web application, such that a user complete an authorized CRUD task via the app?

Acceptance criteria

• Identified a preliminary way to provide an auth-secured version of the STAC Manager application where users can log in and get authorized access to the STAC API Transaction Extension operations

[j08lue]

Work still ongoing - we had an initial APISIX-based setup, but are now looking into other options.

[achtsnits]

is the STAC manager already deployed in cluster?

[j08lue]

is the STAC manager already deployed in cluster?

No, not yet. Working on it!

Actually, having a STAC API that has a working auth flow would be a prerequisite for getting STAC Manager ready for an EOEPCA deployment.