Add more auths and fine tuned run_steps

[acalejos]

Add support for more auth schemes into their Curl counterparts (eg -n for :netrc).

This requires that the auth step from Req doesn't run, since it actually validates the netrc file and inserts the basic auth from it. It also will base64 encode Basic auth, and cause there to be duplicates between the headers and auth fields of the Req struct. So I added options :except and :only to the run_steps function to have more fine-tuned control over which steps are run.

[derekkraan]

Please also include an entry in Changelog.md describing the changes.