feat: add forward authentication configuration and UI

- Introduced ForwardAuthConfig model to store global forward authentication settings.
- Updated Manager to fetch and apply forward authentication configuration.
- Added ForwardAuthHandler to create a reverse proxy handler for authentication.
- Enhanced ProxyHost model to include forward authentication options.
- Created Security page and ForwardAuthSettings component for managing authentication settings.
- Implemented API endpoints for fetching and updating forward authentication configuration.
- Added tests for new functionality including validation and error handling.
- Updated frontend components to support forward authentication settings.

frontend/src/components/__tests__/ProxyHostForm.test.tsx

@@ -224,4 +224,23 @@ describe('ProxyHostForm', () => {
 
     expect(screen.getByLabelText(/Domain Names/i)).toHaveValue('my-app.existing.com')
   })
+
+  it('toggles forward auth fields', async () => {
+    renderWithClient(
+      <ProxyHostForm onSubmit={mockOnSubmit} onCancel={mockOnCancel} />
+    )
+
+    const toggle = screen.getByLabelText('Enable Forward Auth (SSO)')
+    expect(toggle).not.toBeChecked()
+
+    // Bypass field should not be visible initially
+    expect(screen.queryByLabelText('Bypass Paths (Optional)')).not.toBeInTheDocument()
+
+    // Enable it
+    fireEvent.click(toggle)
+    expect(toggle).toBeChecked()
+
+    // Bypass field should now be visible
+    expect(screen.getByLabelText('Bypass Paths (Optional)')).toBeInTheDocument()
+  })
 })