OAuth authentication controller using Ueberauth with dynamic provider configuration.

This controller uses Ueberauth.run_request/4 and Ueberauth.run_callback/4 for dynamic OAuth invocation, eliminating compile-time configuration requirements. OAuth credentials are loaded from database at runtime.

This controller requires the following optional dependencies to be installed:

• ueberauth
• ueberauth_google (for Google Sign-In)
• ueberauth_apple (for Apple Sign-In)
• ueberauth_github (for GitHub Sign-In)
• ueberauth_facebook (for Facebook Sign-In)

If these dependencies are not installed, a fallback controller will be used instead.

Add-account via OAuth

When the request action receives add_account=1 as a query parameter it sets a short-lived session key :oauth_add_account_intent to "add_account". The callback reads and immediately clears this key. When it is present AND there is a valid root user AND MultiSession.gate_allowed?/1 is true, the callback adds the OAuth- authenticated user to the multi-session stack via MultiSession.add_authenticated_user/2 instead of performing a full login.

The marker is distinct from :oauth_return_to and :oauth_referral_code and does NOT interact with the existing settings-page provider-link flow (which has no session marker at all and is handled by a separate LiveView).