* Adds the `require_token_presence_for_authentication?` DSL option to the Authentication extension which when enabled changes the following behaviour:
1. The `store_in_session` plug will store the user's token rather than their subject in the session.
2. The `retrieve_from_session` plug will look for a stored token in the session rather than a subject and ensure that it's present in the `TokenResource`.
3. The `retrieve_from_bearer` plug will ensure that the token is present in the `TokenResource`.
* Adds the `get_token` action to the `TokenResource`.
Highlights:
* Replaced `AshAuthentication.Provider` with the much more flexible `AshAuthentication.Strategy`.
* Moved strategies to within the `authentication` DSL using entities and removed excess extensions.
* Added a lot more documentation and test coverage.
* fix(PasswordReset): Generate the reset token using the target action, not the source action.
Also improve tests.
* improvement(PasswordReset): rework PasswordReset to be a provider in it's own right - this means it has it's own routes, etc.
This is missing a bunch of features that you probably want to use (eg confirmation, password resets), but it's a pretty good place to put a stake in the sand and say it works.
