Add user authentication and authorization #65

Closed
3 of 4 tasks
f-odhiambo opened this issue Mar 29, 2021 · 2 comments · Fixed by #114
Labels
Remote Sync All issues related to syncing data from or to the FHIR server

Comments

@f-odhiambo
Contributor

f-odhiambo commented Mar 29, 2021

User story:
As a CHW, I want to authenticate myself in order to interact with the different features in-app based on the different permissions assigned to me.

Acceptance criteria:

  • Authenticate user details
  • Check for permissions and role
  • Load user profile
  • Load FHIR resources and other assets based on user profile
@f-odhiambo f-odhiambo changed the title Login Add user authentication and authorization Mar 31, 2021
@ekigamba ekigamba self-assigned this Apr 12, 2021
@dubdabasoduba
Member

This is tied to #40. @f-odhiambo, can @ekigamba work on this with @rehammuzzamil?

@ekigamba
Contributor

The issue seems a bit broad for parts 2 and 4. This repository being the building block for OpenSRP FHIR apps, parts 2 and 4 might not be handled here. Currently, everything within the practitioner's location is downloaded to the client device. We should use this for MVPs until a point when we need to limit data access further within the practitioner's location. This data might be data across modules. This discussion is also dependent on the health administrative structure representation in FHIR that we agree on (location mapping), since this will inform us on how to filter sync resources.

@f-odhiambo In a case where we will have different types of practitioners or logins, then we would need to make sure that the type of practitioner has the roles/permissions required to access the device. Is this defined or within scope? Can we move this to another issue?

Authenticate user details & load user profile

  • We will have a login page
  • The login will hit the token endpoint on Keycloak (authorization server) to get the bearer token
  • This token will be saved in AccountManager
  • The app will hit an endpoint to retrieve the Practitioner and PractitionerRole details so that we can check if they should be able to log in. The PractitionerRole also provides us with organisation and location data that would be used in syncing

Misc

  • Authentication is going to be centrally managed by Keycloak using OAuth2
  • An integration with the HAPI FHIR server is required and being tracked here
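
The login gate described in the comment above (check PractitionerRole before allowing login, then take organisation and location from it for sync), as an added Python example that is not part of the thread or the project's code. The bundle is constructed sample data; `login_decision`, the fail-closed policy and the requirement that `active` be explicitly true are assumptions.

```python
from datetime import datetime, timezone

def _role(practitioner, org, loc, active=True, period=None):
    """Build a constructed PractitionerRole entry (sample data, not real)."""
    return {"resource": {"resourceType": "PractitionerRole", "active": active,
                         "practitioner": {"reference": practitioner},
                         "organization": {"reference": org},
                         "location": [{"reference": loc}],
                         "period": period or {}}}

# Constructed search result for PractitionerRole?practitioner=Practitioner/chw-1
SAMPLE_BUNDLE = {"resourceType": "Bundle", "entry": [
    _role("Practitioner/chw-1", "Organization/org-a", "Location/loc-1",
          period={"start": "2021-01-01"}),
    _role("Practitioner/chw-1", "Organization/org-b", "Location/loc-9",
          period={"start": "2020-01-01", "end": "2020-12-31"}),  # expired
    _role("Practitioner/chw-1", "Organization/org-d", "Location/loc-4",
          active=False),                                          # disabled
    _role("Practitioner/other", "Organization/org-c", "Location/loc-7"),
]}

def _parse(value):
    """Parse a FHIR date/dateTime; naive values are treated as UTC."""
    dt = datetime.fromisoformat(value)
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)

def _current(period, now):
    """True if now is inside the Period; a missing start or end is open.
    Simplification: a date-only end counts as midnight UTC of that day."""
    start, end = period.get("start"), period.get("end")
    try:
        return (not start or _parse(start) <= now) and (not end or now <= _parse(end))
    except (TypeError, ValueError):
        return False  # unparseable period: treat the role as not current

def login_decision(bundle, practitioner_ref, now):
    """Fail closed: allow login only if a current, active role exists."""
    roles, orgs, locations = 0, set(), set()
    entries = bundle.get("entry", []) if isinstance(bundle, dict) else []
    for entry in entries:
        role = entry.get("resource", {})
        if role.get("resourceType") != "PractitionerRole":
            continue
        if role.get("practitioner", {}).get("reference") != practitioner_ref:
            continue  # re-check ownership instead of trusting the search filter
        # Assumption: policy requires active to be explicitly true.
        if role.get("active") is not True or not _current(role.get("period") or {}, now):
            continue
        roles += 1
        if role.get("organization", {}).get("reference"):
            orgs.add(role["organization"]["reference"])
        locations.update(l["reference"] for l in role.get("location", []) if "reference" in l)
    return {"allowed": roles > 0, "organizations": sorted(orgs), "locations": sorted(locations)}
```

The returned organisation and location references are what a sync layer would use to scope downloads; an empty or malformed bundle yields `allowed: False`.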

@f-odhiambo f-odhiambo added Remote Sync All issues related to syncing data from or to the FHIR server and removed G6PD labels Apr 20, 2021
LZRS pushed a commit that referenced this issue Jun 25, 2024
* move questionnaire launch to Activity result contracts

* disable patient while loading data

* Update build.gradle.kts