This changes allows to password protect shares. It works by:
* Allowing to optionally pass a password when creating a share
* If set, the password + salt that is configured via a new flag will be
hashed via bcrypt and the hash stored together with the rest of the
share
* Additionally, a random 96 byte long token gets generated and stored
as part of the share
* When the backend retrieves an unauthenticated request for a share that
has authentication configured, it will return a http 401
* The frontend detects this and will show a login prompt
* The actual download links are protected via an url arg that contains
the previously generated token. This allows us to avoid buffering the
download in the browser and allows pasting the link without breaking
it
