This is meant to be an *almost* non-functional change, with the exception that
it fixes what looks a lot like a bug in that it only calls
`auth_handler.add_threepid` and `add_pusher` once instead of three times.

The idea is to move the generation of the `access_token` out of
`registration_handler.register`, because `access_token`s now require a
device_id, and we only want to generate a device_id once registration has been
successful.

Update docstring on Handlers.

To indicate it is deprecated.

Refactor login flow

Make sure that we have the canonical user_id *before* calling
get_login_tuple_for_user_id.

Replace login_with_password with a method which just validates the password,
and have the caller call get_login_tuple_for_user_id. This brings the password
flow into line with the other flows, and will give us a place to register the
device_id if necessary.

Fix /purge_history bug

Fix 500 ISE when sending alias event without a state_key

Fall back to 'username' if 'user' is not given for appservice registration.

The `store` in a handler is a generic DataStore, not just an events.StateStore.

This was caused by trying to insert duplicate backward extremeties

Various purge_history fixes

Various auth.py fixes.

Feature: Add an /account/deactivate endpoint

Bug fix: expire invalid access tokens

Add requestToken endpoints

Ensure that the guest user is in the database when upgrading accounts