We're going to need to use this from places that aren't password auth, so let's
move it to a proper class.

Notify auth providers on logout

Allow password_auth_providers to return a callback

Let auth providers get to the database

this got broken in the previous commit

Provide a hook by which auth providers can be notified of logouts.

... so that they have a way to record access tokens.

Let password auth providers handle arbitrary login types

Provide a hook where password auth providers can say they know about other
login types, and get passed the relevant parameters

Move access token deletion into auth handler

automatically set default displayname on register

Break dependency of auth_handler on device_handler

Remove the last vestiges of refresh_tokens

to avoid clobbering guest user displaynames on registration

Also move duplicated deactivation code into the auth handler.

I want to add some hooks when we deactivate an access token, so let's bring it
all in here so that there's somewhere to put it.

Log login requests

Carefully though, to avoid logging passwords

to avoid leaking ugly MXIDs and cluttering up the timeline with
displayname changes as well as membership joins for autojoin rooms
(e.g. the status autojoin rooms), automatically set the displayname
to match the localpart of the mxid upon registration.

Modify group room association API to allow modification of is_public

I'm going to need to make the device_handler depend on the auth_handler, so I
need to break this dependency to avoid a cycle.

It turns out that the auth_handler was only using the device_handler in one
place which was an edge case which we can more elegantly handle by throwing an
error rather than fixing it up.

Somewhat open to abuse, but also somewhat unavoidable :/

DB schema interface for password auth providers

Make the port script drop NUL values in all tables

also includes renamings to make things more consistent.

Postgres doesn't support NULs in strings so it makes the script
throw an exception and stop if any values contain \0. Drop them
with appropriate warning.

Provide an interface by which password auth providers can register db schema
files to be run at startup

Refactor some logic from LoginRestServlet into AuthHandler

Clean up backwards-compat hacks for ldap

Start some documentation on password providers

I'm going to need some more flexibility in handling login types in password
auth providers, so as a first step, move some stuff from LoginRestServlet into
AuthHandler.

In particular, we pass everything other than SAML, JWT and token logins down to
the AuthHandler, which now has responsibility for checking the login type and
fishing the password out of the login dictionary, as well as qualifying the
user_id if need be. Ideally SAML, JWT and token would go that way too, but
there's no real need for it right now and I'm trying to minimise impact.

This commit *should* be non-functional.

Document the existing interface, before I start adding new stuff.

try to make the backwards-compat flows follow the same code paths as the modern
impl.

This commit should be non-functional.