Fixes an issue where users using an expired link that should be using an
SSO were presented with a 403 HTTPResponse.

When users try to log in with an expired link and we can identify the
user object from the user id, we send a new login request by calling
`login_magic`, which is the `/login/magic` endpoint function. In case
the user's email is marked for SSO login, `login_magic` returns a 403
HTTPResponse with the forward url as the detail, which the FE uses to
redirect users. We weren't handling this case in our call of
`login_magic` in `/auth`, so users were just seeing the 403 HTTPResponse
error response in plaintext. Fixed by redirecting to the SSO link when
status code is 403, and the expired link page otherwise.