Private Routes Guard

[g-saracca]

What this PR does / why we need it:

Adds protection for routes intended for logged-in users only.
If a not logged in user arrives at a protected path, the user will be automatically redirected to the JSF login page.
It currently applies to the following routes:

• Create Collection page - /spa/collections/[ownerCollectionId]/create
• Create Dataset page - `/spa/datasets/[collectionId]/create
• Edit Dataset Metadata page - /spa/datasets/edit-metadata?persistentId=[pid]
• Upload Files page - /spa/datasets/upload-files?persistentId=[pid]
• Account page - /spa/account?tab=apiToken or /spa/account

Which issue(s) this PR closes:

• Closes SPA Private Routes Guards #435

Special notes for your reviewer:

N/A

Suggestions on how to test this:

Create a collection and a dataset.
Go to the 5 pages mentioned above, copy the URL and open it in another browser or in an incognito window (to test without being logged in) and confirm that you are redirected to the JSF login page.

Does this PR introduce a user interface change? If mockups are available, please link/include them here:

No, it only shows a spinner if a protected route is loading the user session.

[coveralls]

coverage: 97.43% (+0.006%) from 97.424%
when pulling bf789be on feat/435-private-routes-guard
into b6484bf on develop.

[ekraffmiller]

Looks good! Just a minor question about Spinner.

[ChengShi-1]

Everything work well1. I checked that an unauthorized user couldn't access pages through url. Approve