Feature/configurable hashing and encoding

[larrycinnabar]

Problem

Password hashing :hash:

Password hashing process is hard-coded and can't be modified in any kind. There are cases where we do need control on how password is hashed:

• Current flow is that user is fetched and then password is checked. But we don't want DB to return user at all, until we are 100% password is right. So we need to first, hash password and query by matching hashed passwords.
• Other simple example is that application may have some requirements on hashing algorithms.

Confirming/Recovering tokens :envelope:

Reasons for unhardcoding this part:

• For easier and better testing we need ability to mock token, selector, verifier
• We need tokens to look shorter/prettier for some reason

Problematic part :red_circle: :

authboss.go has a public helper function VerifyPassword, that now works only if we use default Hasher. a todo item is left there in comments, explaining the issue

Fixes #319, #288

[aarondl]

This has been updated by Stephenafamo and it's been merged! Thank you for your contribution. See #355