fix: improvements for login and oidc (#227)

* add csrf

* caching

* caching

* caching

* caching

* security headers

* csp and security headers

* error handler csp

* select user with display name

* csp

* user selection styling

* username to loginname

* regenerate grpc

* regenerate

* change to login name

internal/auth/repository/eventsourcing/eventstore/auth_request.go

@@ -106,16 +106,16 @@ func (repo *AuthRequestRepo) DeleteAuthRequest(ctx context.Context, id string) e
 	return repo.AuthRequests.DeleteAuthRequest(ctx, id)
 }
 
-func (repo *AuthRequestRepo) CheckUsername(ctx context.Context, id, username string) error {
+func (repo *AuthRequestRepo) CheckLoginName(ctx context.Context, id, loginName string) error {
 	request, err := repo.AuthRequests.GetAuthRequestByID(ctx, id)
 	if err != nil {
 		return err
 	}
-	user, err := repo.View.UserByLoginName(username)
+	user, err := repo.View.UserByLoginName(loginName)
 	if err != nil {
 		return err
 	}
-	request.SetUserInfo(user.ID, user.UserName, user.ResourceOwner)
+	request.SetUserInfo(user.ID, loginName, user.ResourceOwner)
 	return repo.AuthRequests.UpdateAuthRequest(ctx, request)
 }
 
@@ -128,7 +128,7 @@ func (repo *AuthRequestRepo) SelectUser(ctx context.Context, id, userID string)
 	if err != nil {
 		return err
 	}
-	request.SetUserInfo(user.ID, user.UserName, user.ResourceOwner)
+	request.SetUserInfo(user.ID, user.PreferredLoginName, user.ResourceOwner)
 	return repo.AuthRequests.UpdateAuthRequest(ctx, request)
 }
 
@@ -236,7 +236,8 @@ func (repo *AuthRequestRepo) usersForUserSelection(request *model.AuthRequest) (
 	for i, session := range userSessions {
 		users[i] = model.UserSelection{
 			UserID:           session.UserID,
-			UserName:         session.UserName,
+			DisplayName:      session.DisplayName,
+			LoginName:        session.LoginName,
 			UserSessionState: session.State,
 		}
 	}