provide a better UX for OIDC login based on email domain

[n1ru4l]

Today users need to know the organization slug in order to start the OIDC flow from https://app.graphql-hive.com/auth/sign-in.

Ideally, people use the Okta dashboard (or similar) to initiate the login flow, however, there is some things we can improve from when starting from the login form, only with your email.

As the user starts typing their email address, we could identify whether the email domain is registered with a oidc integration and thus change the login form to hide the password input and provide a button to start the OIDC login flow by redirecting the user to the authorization endpoint.

However, this approach could introduce a tenant enumeration risk - allowing to lookup whether specific organizations use our product, which might be a concern to some of our fortune 500, finance and government users - thus, this should probably be an option organization admins can opt-out from if desired.

On top of that we can enforce IP based rate limiting.