LG-11344: Prompt at most once for WebAuthn authentication

[aduth]

🎫 Ticket

LG-11344

🛠 Summary of changes

Disables button for Face or Touch Unlock sign-in or setup when clicked, to avoid a scenario where multiple clicks due to a delay in the OS prompt may cause the user to see multiple prompt windows.

📜 Testing Plan

Sign-in:

1. Prerequisite: Have a user with Face or Touch Unlock (see "Account creation" instructions)
2. Go to http://localhost:3000
3. Sign in
4. (If directed immediately to Account page, click "Forget all browsers", confirm, then sign out and start over)
5. When prompted for Face or Touch Unlock, click "Use face or touch unlock" multiple times very quickly, ideally before the prompt is shown
6. Continue signing in
7. Observe that (a) you are still able to sign-in successfully and (b) you only saw a single prompt for your credential

Account creation:

1. Prerequisite: Use iPhone, Android, an equivalent simulation, or an environment where show_unsupported_passkey_platform_authentication_setup is true (e.g. local development)
2. Go to http://localhost:3000
3. Click "Create an account"
4. Continue account creation up to MFA selection
5. Select "Face or touch unlock" as your MFA and continue
6. Enter a nickname
7. Click "Continue" multiple times very quickly, ideally before the prompt is shown
8. Continue account creation
9. Observe that (a) you are still able to enroll the MFA successfully and (b) you only saw a single prompt for your credential

👀 Screenshots

In the screenshots below, observe that the darker button indicates the active, disabled state of the button, as implemented through SubmitButtonComponent.

Account creation:

Before	After

Sign in:

Before	After

[mdiarra3]

LGTM

[kevinsmaster5]

It looks good. Local test confirmed working as expected.