Forward user back when set `back_url`


Auth using tokens
Auth using uniq id on device
Auth using QR code
Auth using msg or popup
Auth using email



##### API v0 (unsafe)
# Auth link (device check url with this session and get data)
/api/v0/auth?session=<UNIQUE>&back_url=<OPTIONAL>
# Get auth data
/api/v0/auth_finish?session=<UNIQUE>


##### API v1 (semi-safe)
# Auth link
/api/v1/auth?session=<UNIQUE>&back_url=<OPTIONAL>
# Get token
/api/v1/auth_finish?session=<UNIQUE>
# Refresh token
/api/v1/refresh?token=<REFRESH>


##### API v2 (safe)
# Auth link
/api/v2/auth?site_id=<REQUIRED>&session=<UNIQUE>&back_url=<OPTIONAL>&webhook=<OPTIONAL>
# Get token
/api/v2/auth_finish?site_id=<REQUIRED>&session=<UNIQUE>
# Refresh token
/api/v2/refresh?site_id=<REQUIRED>&token=<REFRESH>