[Enhancement] temporary login token to enable login in iframe / through proxy

[pricelessrabbit]

Hi all :) I explain my use case and a possible feature useful for embed lychee in iframes as authenticated user. In my use case, i have a web application with a button that open a new browser tab that points to a lychee instance (maybe in the future this can be an iframe in the application), that show some private albums of the user of my app. Currently, i cannot find a way to enable the user to login automatically to the lyche instance when he press the button. Is there a way to do so? A possible solution is to enable some sort of "token login" in which lychee users is managed by the external app via lychee API, and when the access to lychee is needed:

1. webapp ask a login token for a user via lychee api
2. webapp render a link with the login token like `lychee-instance.com/token_login?token=
3. the user open the link in the webapp and is redirected and logged in the lychee instance obviously the token must have a short duration to avoid security flaws, and the webapp need the api key of lychee to manage the users