Cookie auth rework / Auth subsystem refactoring and tweaks

Closes https://git.pleroma.social/pleroma/secteam/pleroma/-/issues/3 & #1909 (closed) and does a lot more of auth improvements, see below.

• OAuth form user remembering functionality (based on !3109 (closed) / !2780 (closed))
• Local MastoFE login / logout fixes.
• Allowed user to revoke belonging tokens from any app (previous code allowed revoking from the same app only).
• OAuth session-based auth improvements and fixes (i.e. token expiration check). Switched from :user_id to :token_id in session, per !3109 (comment 76413).
• Integrated LegacyAuthenticationPlug into AuthenticationPlug.
• Refactoring of auth subsystem.
• Ensured presence and consistency of :user and :token assigns.
• Adjusted tests & docs.