Quart-auth

-----------------

* Support SECRET_KEY_FALLBACKS when loading tokens to allow for key
rotation.
* Bugfix ensure user_class is used if set in QuartAuth constructor.
* Support Python 3.13, drop Python 3.8.

-----------------

* Bugfix don't override a user set user_class or serializer_class.

-----------------

* Bugfix the Serializer init type hinting
* Update extention init typing to match docs and code.
* Allow the user_class and serializer_class to be specified in the
constructor.

----------------

* Bugfix decorator type hinting.
* Bugfix after_{request,websocket} function typing.
* Display some helpful warnings for development usage.

----------------

* Support multiple authentication schemes, whilst supporting a default
singleton global. This renames ``AuthManager`` -> ``QuartAuth`` and
removes the TestClient ``authenticated`` and ``generate_auth_token``
methods - use the ``authenticated_client`` and ``generate_auth_token``
functions instead.

----------------

* Utilise the extensions app attribute. The ``app.auth_manager`` is no
longer used, instead use ``app.extensions["QUART_AUTH"]``.
* Allow the token to be customised if desired.
* Add a bearer mode to allow for non-cookie based authentication. This
change will cause all existing tokens to be invalid, requiring a new
login.
* Support Python 3.11