refactor: update forward authentication handling in domain schema and tests

- Replaced `forwardAuthProviderId` with `forwardAuthEnabled` in the domain schema to simplify the configuration of forward authentication.
- Updated related tests to reflect this change, ensuring consistency across the application.
- Introduced a new SQL migration to create the `forward_auth_settings` table for managing authentication domains and their configurations.

This refactor enhances the clarity and maintainability of the forward authentication logic within the application.

packages/server/src/utils/traefik/domain.ts

@@ -198,7 +198,7 @@ export const createRouterConfig = async (
 		// authentication runs first. No-op unless the domain links a provider.
 		// The -errors middleware must come first so a 401 from the auth check is
 		// rewritten to a 302 redirect to the login page.
-		if (domain.forwardAuthProviderId) {
+		if (domain.forwardAuthEnabled) {
 			const name = forwardAuthMiddlewareName(appName, uniqueConfigKey);
 			routerConfig.middlewares?.push(`${name}-errors`);
 			routerConfig.middlewares?.push(name);

packages/server/src/utils/traefik/forward-auth.ts

@@ -73,7 +73,7 @@ export const createForwardAuthMiddleware = async (
 	app: ApplicationNested,
 	domain: Domain,
 ) => {
-	if (!domain.forwardAuthProviderId) {
+	if (!domain.forwardAuthEnabled) {
 		return;
 	}