Fix stale state during authentication #36
Description
The current implementation of the authentication makes the game to wait for the API to respond the new player token. During this wait, the player must authenticate on the website.
However, it was discovered that the game pending requests timeout at nearly 30s. Thus, if the player takes more than 30s to authenticate (which is probable), the request is cancelled and the authentication procedure fails.
There should be a rotation system where the API responds to the game if the request time exceeds 25s. The API should give the game the timestamp of the request that was bound to the player. The game will use this request to retry the same request, with the /staggered route prefix.
The authentication system will check that the timestamp given by the game in the request, is bound to the player currently authenticating. If so, it continues the procedure as if the new request corresponds to the first one. Otherwise, the authentication fails. The final request will respond to the game the new player token, as before.
For retro-compatibility issues, if the request time exceeds 25s, the returned response shouldn't be with a status of 200. This is because if the game is running with an old version of the Obstacle Titlepack, it's based on the response status code. If it is 200, it will consider it as successful, and the response is expected to contain the player token. So, in this case, the returned status code should be something like 307.