MastoAPI transition: login/logout/register/verify credentials

• Should use entitiy_normalizer wherever possible for consistency.
• Should not bring in regressions. (unless it's agreeable, see below)
• Should not use extremely horrible hacks (up to reviewers to decide).
• Should not rename everything nor bring tons of refactoring to avoid merge conflicts and ease the review and testing. (see below)
• For every missing BE functionality there should be mention of it in pleroma#674 (closed), probably create a new task too.
• Code from mastoapi-exploration branch could be backported/separated or used as a reference.

Right now, IIRC, credentials verification also register response as current user, which brings these problems:

• i'm not sure MastoAPI does the same or you need to fetch your own profile separately
• QvitterAPI also contains user's settings (see also pleroma#674 (closed), #437 (closed)) which are absent in MastoAPI profile view so something needs to be done to be able to fetch your own settings and also raw (non-html) profile.