issue #2355 enforce ui context for API key management

...and improve profile JS. Replaces can_manage_api_key() with connected_with_pwg_ui() to ensure API key management is only allowed from UI logins, and sets 'connected_with' in session during auto-login. Refactors profile.js to respect canUpdatePreferences and canUpdatePassword, moves user state initialization to template, and improves preference reset/default logic. Also adjusts script loading and minor UI details in profile.tpl.

include/ws_functions/pwg.users.php

@@ -962,7 +962,7 @@ function ws_create_api_key($params, &$service)
 {
   global $user, $logger;
 
-  if (is_a_guest() OR !can_manage_api_key()) return new PwgError(401, 'Acces Denied');
+  if (is_a_guest() OR !connected_with_pwg_ui()) return new PwgError(401, 'Acces Denied');
 
   if (get_pwg_token() != $params['pwg_token'])
   {
@@ -999,7 +999,7 @@ function ws_revoke_api_key($params, &$service)
 {
   global $user, $logger;
 
-  if (is_a_guest() OR !can_manage_api_key()) return new PwgError(401, 'Acces Denied');
+  if (is_a_guest() OR !connected_with_pwg_ui()) return new PwgError(401, 'Acces Denied');
 
   if (get_pwg_token() != $params['pwg_token'])
   {
@@ -1038,7 +1038,7 @@ function ws_edit_api_key($params, &$service)
     return new PwgError(401, 'Acces Denied');
   }
 
-  if (!can_manage_api_key())
+  if (!connected_with_pwg_ui())
   {
     return new PwgError(401, 'Acces Denied');
   }
@@ -1081,7 +1081,7 @@ function ws_get_api_key($params, &$service)
     return new PwgError(401, 'Acces Denied');
   }
 
-  if (!can_manage_api_key())
+  if (!connected_with_pwg_ui())
   {
     return new PwgError(401, 'Acces Denied');
   }
@@ -1095,14 +1095,4 @@ function ws_get_api_key($params, &$service)
 
   return $api_keys ?? l10n('No API key found');
 }
-
-function can_manage_api_key()
-{
-  // You can manage your api key only if you are connected via identification.php
-  if (isset($_SESSION['connected_with']) and 'pwg_ui' === $_SESSION['connected_with'])
-  {
-    return true;
-  }
-  return false;
-}
 ?>