
feat: allow auth token-login flag value as filepath to avoid leaking token into shell history #1787

Open
jakedoublev wants to merge 3 commits into astronomer:main from jakedoublev:feat/token-login-file


@jakedoublev jakedoublev commented Jan 22, 2025

Description

This PR adds the functionality to take in a token-login flag value in the form of a file path containing the auth token. There is backwards compatibility with the existing state, but providing the token from a file location is a more secure way of authenticating the CLI via access token directly. Passing a token directly leaks the value into the shell history, which can make it available to other processes on a machine.

The current state:

```
jakevanvorhis$ ./astro login --token-login 'my-super-secret-token'
Welcome to the Astro CLI 🚀
To learn more about Astro, go to https://www.astronomer.io/docs
You are logging into Astro via an OAuth token
This token will expire in 1 hour and will not refresh
Error: cannot retrieve userinfo: API error (401): Unauthorized
jakevanvorhis$ history | grep astro
  523 ./astro login --token-login 'my-super-secret-token'
```

🎟 Issue(s)

Related #XXX

🧪 Functional Testing

  1. Save your authenticated JWT to a file.
  2. Pass the file location to the command as the flag value: ./astro login --token-login <token file path>
  3. Observe

📸 Screenshots

Add screenshots to illustrate the validity of these changes.

📋 Checklist

  • Rebased from the main (or release if patching) branch (before testing)
  • Ran make test before taking out of draft
  • Ran make lint before taking out of draft
  • Added/updated applicable tests
  • Tested against Astro-API (if necessary).
  • Tested against Houston-API and Astronomer (if necessary).
  • Communicated to/tagged owners of respective clients potentially impacted by these changes.
  • Updated any related documentation
@jakedoublev jakedoublev marked this pull request as ready for review January 22, 2025 05:01
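
A sketch of the behaviour the description proposes, written for this page as an added example and not taken from the PR's commits: the flag value is read as a token file when it names a regular file, and used as the literal token otherwise. The helper name `resolveToken` and the refusal of group- or world-readable files are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"strings"
)

// resolveToken is a hypothetical helper (not taken from the PR). If value names
// an existing regular file, the token is read from it; otherwise value is
// treated as the literal token, which keeps the old flag usage working.
func resolveToken(value string) (token string, fromFile bool, err error) {
	info, statErr := os.Stat(value)
	if statErr != nil || !info.Mode().IsRegular() {
		// Not a readable file path: fall back to the literal token.
		if strings.TrimSpace(value) == "" {
			return "", false, errors.New("empty token")
		}
		return value, false, nil
	}
	// Assumed policy: refuse token files that group or others can read.
	if info.Mode().Perm()&0o077 != 0 {
		return "", true, fmt.Errorf("%s has mode %04o; run chmod 600", value, info.Mode().Perm())
	}
	raw, err := os.ReadFile(value)
	if err != nil {
		return "", true, err
	}
	// Editors and echo append a newline, which would corrupt the bearer token.
	token = strings.TrimSpace(string(raw))
	if token == "" {
		return "", true, fmt.Errorf("%s contains no token", value)
	}
	return token, true, nil
}

func main() {
	// Constructed sample: a throwaway token file in a temp directory.
	dir, _ := os.MkdirTemp("", "astro-token-example")
	defer os.RemoveAll(dir)
	path := dir + "/token"
	os.WriteFile(path, []byte("constructed.jwt.value\n"), 0o600)
	tok, fromFile, err := resolveToken(path)
	fmt.Println(len(tok), fromFile, err)
	tok, fromFile, err = resolveToken("literal-token")
	fmt.Println(len(tok), fromFile, err)
}
```

A mistyped path falls through to the literal branch and would be sent to the API as the token, so an implementation may want to reject values that contain a path separator.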