chore: add back silent auth middleware

[RomainLanz]

Hey there! 👋🏻

This PR reintroduces the SilentAuth middleware.

Why was it removed?

The middleware was previously removed because the preferred approach was to call auth.check() directly wherever the auth.user variable is needed in your templates. This is often done in files like header.edge:

@if(auth.isAuthenticated || await auth.check())
  {{ auth.user.email }}
@end

Why bring it back?

There are a few reasons:

1. When using an API with the session guard, there may be no templates involved, making the SilentAuth middleware quite useful.
2. Its removal has led to some confusion, as the documentation doesn't clearly explain everything.

---

For these reasons, I believe the silent_auth middleware should be re-added, along with improved documentation on when it can be helpful.

[thetutlage]

May I know how the usage looks like with the API?

[RomainLanz]

May I know how the usage looks like with the API?

Same as with a standard SSR application.
You add the middleware in router.use inside your kernel.ts.

[thetutlage]

No I mean, in what use-case an API needs the logged-in user for a public API route

[RomainLanz]

Error handling, logging, access management, HAL / HATEOS, and many other needs.

[thetutlage]

Makes sense!

[thetutlage]

Should we register the middleware as well?

[RomainLanz]

Should we register the middleware as well?

I believe we should document how it works but not register it by default. Some people may still prefer to manage exactly when authentication is performed.

At least now, they can simply register a new middleware (same as V5)

[thetutlage]

@RomainLanz Can you please open a PR for the docs as well?