Rework authentication
closes #79 (closed)
- Do not show the app before keycloak module finished initializing
  - this ensures the app is not shown as anonymous when keycloak took a little too long and did not log in before everything finished loading
- Icat user logged in through keycloak is not persisted
  - This ensures that even if keycloak logs out without the app knowing, we will not continue using an invalid icat user
  - For instance, this would happen when user logs out of keycloak through another app while the data portal tab is closed. Data portal is then not informed of the keycloak logout and if the user was persisted it would continue to be used (happens in current version of data2 and data).
  - This means that log in to icat via keycloak will happen every time a new tab is opened and/or the app is refreshed. It does not have a major performance cost and allows token persistence management to be fully delegated to keycloak.
- When user is successfully logged in in keycloak AND is already logged in through persisted icat user (db log in), the persisted one has priority.
  - This means keycloak is still called when logged in with db but is ignored. This does not cost any performance as it happens in parallel and allows authentication module and keycloak module to be completely independent (keycloak is not aware of the authentication state, it simply checks if someone is logged in and transmits the information. Similarly, the authentication module is not aware of any keycloak state, it only receives a log in request from it, just like if it was from the user directly with DB) (closes #99 (closed))
- Make sure silent-check-sso.html is published with app.
Edited by Mael Gaonach
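
The three rules in the description above (render only after the Keycloak check, never persist a Keycloak-derived ICAT user, persisted DB user wins) can be sketched as follows. This is an added example, not code from the merge request: every name in it (`createAuth`, `keycloakBridge`, `bootstrap`, `initKeycloak`, `icatLogin`, the `icatUser` storage key, the `persist` flag) is a hypothetical stand-in.

```javascript
// Added illustration. Every name here is hypothetical, not data portal code.
const STORAGE_KEY = 'icatUser'; // assumed storage key

// Authentication module: knows nothing about Keycloak, only handles login requests.
function createAuth(storage) {
  const saved = storage.getItem(STORAGE_KEY); // only DB logins are ever saved
  let user = saved ? JSON.parse(saved) : null;
  return {
    getUser: () => user,
    login(icatUser, { persist }) {
      // A persisted (DB) ICAT user already in place has priority over later requests.
      if (user && user.persisted) return user;
      user = { ...icatUser, persisted: persist };
      if (persist) storage.setItem(STORAGE_KEY, JSON.stringify(user));
      return user;
    },
    logout() {
      user = null;
      storage.removeItem(STORAGE_KEY);
    },
  };
}

// Keycloak module: checks whether someone is logged in and forwards a login request.
// initKeycloak and icatLogin are injected stand-ins for the real SSO check and the
// token-to-ICAT-session exchange.
async function keycloakBridge(auth, initKeycloak, icatLogin) {
  const kc = await initKeycloak();
  if (kc.authenticated) auth.login(await icatLogin(kc.token), { persist: false });
}

// The app is rendered only after the Keycloak check has settled, so it is never
// drawn as anonymous while an SSO login is still in flight.
async function bootstrap({ storage, initKeycloak, icatLogin, render }) {
  const auth = createAuth(storage);
  await keycloakBridge(auth, initKeycloak, icatLogin);
  render(auth.getUser());
  return auth;
}
```

Because the Keycloak-derived user lives only in memory, a tab opened after a logout elsewhere starts with no user and re-asks Keycloak instead of reusing a stale ICAT session.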