Replace auth

[ozamosi]

This is one big change that replaces all the auth. It has a couple of smaller commits, but I can't really split the big one down much further.

As this changes the process flags, it will break if deployed without a corresponding service-conf change.

Before:

• There's a Providers structure, as part of the global API state
• The Providers structure contains a map of providerName -> Provider
• A Provider is an abstraction of some social login, e.g. Google or Github
• Email login is completely different - emails work by matching user level tokens.

After:

• There's an Auth0 structure, that takes the place of the Providers structure - however, this structure now handles all login and logout actions. Even if we want to move to a different SSO service, we don't want to use more than one at a time.
• The Auth0 structure contains a mapping of providerName -> Connection
• Connection is the Auth0 integration with Google or Github. It allows us to set connection specific options (e.g. scopes).
• Email login is part of Auth0, so it's almost just another login form - except it needs slightly different API calls. Ugh.
• In order to start making auth0 a source of truth for users, this pushes user data up into auth0 - including our custom company name question from signup. This does not export any kind of team/org membership though, nor does auth0 provide any of that back.

Things I haven't been able to test properly locally:

• Pushing SSH keys to github - I'll be able to do that in dev.

Things that are still bad:

• 2 month sessions with no session extension with your identity provider
• This will make GetAccessToken fail with expired tokens. I'm not sure yet what that means in practice - however, that's only used by github, so see above.

Things that are now worse:

• The Auth0 configuration is not version controlled.
• Auth0 now sends login/team invite emails instead of us, and those templates are not version controlled.