Discovered many problems with the abstractions along the way
and did small fixes to get to the end of the auth module.
- Use more constants for random strings
- Create forcing functions to deal with the upgrades to different
interfaces
- Change changelog format to use keepachangelog standard
- Refactor the config to be made of substructs to help organize all the
pieces
- Add the new interfaces to the configuration
- Clean up module loading (no unnecessary reflection to create new value)
- Change User interface to have a Get/SetPID not E-mail/Username, this
way we don't ever have to refer to one or the other, we just always
assume pid. In the case of Confirm/Recover we'll have to make a GetEmail
or there won't be a way for us to get the e-mail to send to.
- Delete the xsrf nonsense in the core
