Web authentication callbacks

[redxdev]

Instead of opening up a new window and doing authentication through that, authentication should redirect back to the client with an apikey parameter which can be used by the client to login.

This would fix some confusion during registration sessions for us when people like to close the original tab.