feat: Optional user auth

[ChristianBeilschmidt]

• I agree to follow the project's code of conduct.
• I added an entry to the project's change log file if knowledge of this change could be valuable to users.
  • Usually called CHANGES.md or CHANGELOG.md
  • Prefix changelog entries for breaking changes with "BREAKING: "

---

[ChristianBeilschmidt]

@b4l I tried to get in optional user auth for apps that use the ogcapi crate. For this, I had no other idea than to make it generic and impl NoUser for the ogcapi binary.

Let me know what you think and if you have any other ideas. I'm open to changing stuff, but at least it works.

[b4l]

@ChristianBeilschmidt thanks for tackling this!

Honestly, I find it a bit hard to review. Maybe an example of a service using auth would help.

Is it necessary to pass the user down to the driver? Wondering whether extension traits and a more fine-grained middleware approach would be more suitable and could alleviate the NoUser. Something like: if you register an authenticated process, a dedicated route with middleware is added that takes precedence. Not sure if this would make it easier; just feel like it should be more like adding a wrapper function / programmatic extension rather than a generic approach.