Instead, move them to the server side (in auth.py) and send them only to Google. Or maybe remove the redirector page instead and move the client ID to the config page's JS (after all, we need it there anyway to check auth status).