docs: remove 'came_from' from login view

- The narrative doesn't discuss this (mis-)feature.

- Without any authorization, there is no meaninful reason to remember
  the 'previous' page.

- As a general rule, we want to avoid trusting user-supplied data (i.e.,
  from the query string or form params) when constructing redirect URLs.

0 files changed, 0 insertions, 0 deletions