Auth: Use sessionStorage instead of cookie for automatic redirection (#92759)

* WIP: working as expected, has to be tested

* Rename query param, small changes

* Remove unused code

* Address feedback

* Cleanup

* Use the feature toggle to control the behaviour

* Use the toggle on the FE too

* Prevent the extra redirect/reload

 Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com>

* Return to login if user is not authenticated

* Add tracking issue

* Align BE redirect constructor to locationSvc

pkg/api/user_token.go

@@ -84,7 +84,11 @@ func (hs *HTTPServer) RotateUserAuthTokenRedirect(c *contextmodel.ReqContext) re
 		return response.Redirect(hs.Cfg.AppSubURL + "/login")
 	}
 
-	return response.Redirect(hs.GetRedirectURL(c))
+	if !c.UseSessionStorageRedirect {
+		return response.Redirect(hs.GetRedirectURL(c))
+	}
+
+	return response.Redirect(hs.Cfg.AppSubURL + "/")
 }
 
 // swagger:route POST /user/auth-tokens/rotate