[web] Add invalidSessionRecovery checks for web

Summary:
Now that session recovery is possible on web when usingCommServicesAccessToken, we should add these checks.

This was based on the equivalent code on native. However, since web only has to support the newer auth flow, we can skip the actions for the older auth flow (logInActionTypes.success and siweAuthActionTypes.success).

Depends on D11502

Test Plan: I added an artificial sleep to the callSingleKeyserverEndpoint before the setNewSession call. Then I logged out on web while a session recovery was ongoing, and confirmed via Redux dev tools that both the SET_NEW_SESSION and KEYSERVER_AUTH_SUCCESS were ignored. I also confirmed that a normal session recovery (without a log out in between) still worked

Reviewers: tomek, inka

Reviewed By: tomek

Differential Revision: https://phab.comm.dev/D11503