External auth (.htpasswd with nginx) should support read only for HEAD/GET/OPTIONS

[dmsimard]

Authentication for the API and reporting interface can be managed by django or a frontend server like apache or nginx with a .htpasswd.

The current implementation for nginx hardcodes it for every URL and every method:

ara-collection/roles/ara_frontend_nginx/templates/ara-api-ssl.conf.j2

Lines 15 to 22 in 2fea65a

	server {
	listen 443;
	server_name {{ ara_api_fqdn }};
	{% if ara_api_external_auth -%}
	auth_basic "Privileged access";
	# A .htpasswd file
	auth_basic_user_file {{ ara_api_external_auth_file }};
	{% endif %}

We could provide a "read only" implementation by allowing HEAD/GET/OPTIONS just like the django authentication toggle for authenticating reads or writes:

ara-collection/roles/ara_api/defaults/main.yaml

Lines 140 to 144 in 2fea65a

	# ARA_READ_LOGIN_REQUIRED - Whether authentication is required for reading data
	ara_api_read_login_required: false
	# ARA_WRITE_LOGIN_REQUIRED - Whether authentication is required for writing data
	ara_api_write_login_required: false

(These above should stay false when using ara_api_external_auth: true since it's the web server handling the authentication)