ENG-8753 docs: add enterprise auth documentation section

[FarhanAliRaza]

Add docs for the OIDC AuthPlugin covering the secure-by-default model, providers, custom auth pages, and testing guarded code. Register the new pages in the enterprise sidebar, add an Authentication category to the enterprise overview, and whitelist the section for preview.

All Submissions:

• Have you followed the guidelines stated in CONTRIBUTING.md file?
• Have you checked to ensure there aren't any other open Pull Requests for the desired changed?

Type of change

Please delete options that are not relevant.

• New feature (non-breaking change which adds functionality)

New Feature Submission:

• Does your submission pass the tests?
• Have you linted your code locally prior to submission?

Changes To Core Features:

• Have you added an explanation of what your changes do and why you'd like us to include them?

[codspeed-hq]

Merging this PR will not alter performance

✅ 26 untouched benchmarks
⏩ 8 skipped benchmarks¹

---

_{Comparing FarhanAliRaza:auth-docs (55ed197) with main (590711e)}

Footnotes

1. 8 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

[greptile-apps]

Greptile Summary

This PR adds a new enterprise authentication documentation section covering the rxe.AuthPlugin OIDC integration, registers the pages in the sidebar, adds an Authentication category to the enterprise overview, and whitelists the new routes for a preview build.

• Five new Markdown pages document the full auth plugin surface: overview/quickstart, secure-by-default protections, OIDC provider configuration, custom login/callback/logout page builders, and the auth_as testing helper.
• The enterprise sidebar and overview table are updated to include the new Authentication section.
• whitelist.py is populated with two prefixes so only the auth and enterprise-overview pages are compiled in the targeted preview environment.

Confidence Score: 5/5

The changes are purely additive documentation and sidebar/overview wiring; no runtime logic is altered.

All changed files are Markdown docs, a Python sidebar config, and the whitelist helper. None of the new content touches executable application code. The one new finding is a style issue in pseudo-code signature blocks.

docs/app/reflex_docs/whitelist.py — the non-empty WHITELISTED_PAGES list will suppress all pages outside the two listed prefixes in any build environment that imports this module, which has been raised as a concern in a prior review thread.

Important Files Changed

Filename	Overview
docs/app/reflex_docs/whitelist.py	Populates the previously empty WHITELISTED_PAGES list with two prefixes for preview; when non-empty, this filter silently drops all pages outside the listed prefixes from any build that imports it.
docs/enterprise/auth/secure-by-default.md	New page documenting the four auth wrappers; the @rxe.page and @rxe.event "signature" code blocks use type-annotation syntax inside call parentheses, which is a Python SyntaxError.
docs/enterprise/auth/testing.md	New page covering auth_as context manager, async test examples, authorization check testing, and an end-to-end mock-IdP fixture; async test examples lack @pytest.mark.asyncio (previously flagged).
docs/enterprise/auth/providers.md	New page covering GenericOIDCAuthState, custom providers, environment variables, registering providers, scopes/refresh tokens, multiple providers, claim customization, and migration from the deprecated API.
docs/enterprise/auth/custom-pages.md	New page explaining how to replace the rendered login/callback/logout components with custom builders, including the import-path string pattern required in rxconfig.py.
docs/enterprise/auth/overview.md	New page introducing AuthPlugin, quickstart setup, the four protected surfaces, reading the current user, and links to the other auth pages.
docs/enterprise/overview.md	Adds an Authentication category entry with five feature rows to the enterprise overview table.
docs/app/reflex_docs/templates/docpage/sidebar/sidebar_items/enterprise.py	Adds a new Authentication section to the enterprise sidebar with five entries (Overview, Secure by Default, OIDC Providers, Custom Auth Pages, Testing Guarded Code).

_{Reviews (2): Last reviewed commit: "docs(auth): clarify User Vars bind to Au..." | Re-trigger Greptile}

[greptile-apps]

Non-empty whitelist breaks all non-auth docs pages

_check_whitelisted_path is called unconditionally during page registration in __init__.py. When WHITELISTED_PAGES is non-empty, every page whose route does not start with one of the listed prefixes returns False from resolve_doc_route and is skipped entirely. Merging this change means any build environment that imports reflex_docs.pages.docs — including the production build — would compile only the six auth/enterprise-overview pages and silently drop the entire rest of the documentation site. The original file intentionally used an empty list to build everything.