Database Access: decouple Auth from Session

[Tener]

This change decouples lib/srv/db/Auth from lib/srv/db/Session, making it possible to use an Auth instance without an active user session. Auth used to depend on various fields from Session, yet in practice very few fields were actually used. The updated interface is explicit about the data requirements, which improves the clarity.

The updated interface no longer accepts session ID, but instead makes it possible to clone Auth with overridden logger instance. This is used to inject session id and database name fields in a consistent fashion.

The cloning is made easier by the fact that Auth no longer owns any resources: it no longer implements func Close() error. The ownership of the only resource, the CloudClients field, was moved. Auth will no longer initialise an instance of that type on startup, expecting to be passed a copy instead. This change also means improved sharing of CloudClients instance along with the associated benefits.

The tests are updated accordingly.

While this change presents no immediate benefit, it will ultimately allow for periodic connections to databases for the purpose of healthchecks as well as pulling in database schema information.

[github-actions]

The PR changelog entry failed validation: Changelog entry not found in the PR body. Please add a "no-changelog" label to the PR, or changelog lines starting with changelog: followed by the changelog entries for the PR.

[Tener]

I've dropped the SessionAuth wrapper in favour of updating the affected code directly, per feedback from @greedy52 . This makes the PR larger, but I think is a net gain longer term maintenance wise.

[public-teleport-github-review-bot]

@Tener See the table below for backport results.

Branch	Result
branch/v14	Failed
branch/v15	Create PR
branch/v16	Create PR

[codingllama]

This signature change (and possibly others) broke the e/ build.