feat(users): User model and authentication pattern

[peterschutt]

• user model and instructions on how to include in migrations
• cli to create admin user
• authentication mechanism
• integration with service authorization mechanisms

[peterschutt]

• will implement client credentials grant flow
• the authorization server will be this one, but need to document that a 3rd party should be used in production
• ensure necessary abstraction so that external auth server is 0 friction
• cli to create users, not super user
• super user credential defined in environment (maybe doesn't even really need to be a user in the db).
• if super user password is not defined, the super user is disabled - this can allow for a redeployment after admin users have been created.
• admin users can create customer accounts
• customer accounts authenticate and get a token that has expiry
• api routes require token for viewing