exceptions: Extract json_unauths into MissingAuthenticationError.

We raise two types of json_unauthorized when
MissingAuthenticationError is raised. Raising the one
with www_authenticate lets the client know that the user needs
to be logged in to access the requested content.

Sending `www_authenticate='session'` header with the response
also stops modern web-browsers from showing a login form to the
user and lets the client handle it completely.

Structurally, this moves the handling of common authentication errors
to a single shared middleware exception handler.
Aman
2020-08-22 23:50:42 +05:30
committed by Tim Abbott
parent 81893c9dbb
commit fd5423a8f9
3 changed files with 40 additions and 17 deletions

@@ -45,6 +45,7 @@ class ErrorCode(AbstractEnum):
REQUEST_CONFUSING_VAR = ()
INVALID_API_KEY = ()
INVALID_ZOOM_TOKEN = ()
UNAUTHENTICATED_USER = ()
class JsonableError(Exception):
'''A standardized error format we can turn into a nice JSON HTTP response.
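Review bot: The new `UNAUTHENTICATED_USER = ()` member of `ErrorCode` carries no comment saying whether this code is ever exposed to API clients. The comment in the later hunk says the exception is caught and converted into json_unauthorized in middleware, so please state here or in the API documentation whether the 401 response body includes this code, since clients may start keying their login handling off it.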
@@ -266,3 +267,13 @@ class UnexpectedWebhookEventType(JsonableError):
@staticmethod
def msg_format() -> str:
return _("The '{event_type}' event isn't currently supported by the {webhook_name} webhook")
class MissingAuthenticationError(JsonableError):
code = ErrorCode.UNAUTHENTICATED_USER
http_status_code = 401
def __init__(self) -> None:
pass
# No msg_format is defined since this exception is caught and
# converted into json_unauthorized in Zulip's middleware.
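Review bot: `__init__` in `MissingAuthenticationError` is only `pass` and never calls `super().__init__()`, so anything the `JsonableError` constructor normally sets up is skipped. Since no `msg_format` is defined either, the class relies entirely on the middleware always catching it. If it is ever raised on a path that bypasses that handler, the 401 may go out with a missing or generic message. Suggest calling the base constructor with a generic "not logged in" style message as a fallback, or adding a test that asserts the middleware conversion for both json_unauthorized variants. The trailing comment would also be easier to find as a class docstring.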