Add support for registration to magic link strategy

[Darth-Knoppix]

Context

This originally came from https://elixirforum.com/t/using-magic-links-for-registration/61166. It may also require changes to Ash Authentication Phoenix.

Problem

The magic link strategy doesn't support registration. It can only be used to sign in existing users/resources.

Why?

It's not possible to use the magic link strategy as a primary form of auth, you still need another strategy for registration.

Possible Solution

Look at other strategies for inspiration and add a registration action (and anything needed to support it).

[jimsynz]

I did some thinking about this. The way it currently works is that if you request a magic link it checks that the user exists, and then emails them a link. In order to continue working this way we'd have to change it to an upsert, which means we'd be creating user records for every address ever typed into the form.

I think the better solution is to generate a token without a subject and store the email address in the token resource until the token expires. That way we could upsert the user when the token is validated. This would be a bit of a change to the current behaviour, so I am keen for feedback before I try and dive in.

[Torkan]

The suggestion above sounds like the way to go! Do you have a timeline on this one @jimsynz?

I'd love to be able to start using just magic links instead of requiring a password on registration as well 🙏 😅