Refactor shopping app to use the updated authentication package

[dhmlau]

Description

1. Use the new authentication interface in authentication package => #2466
2. Use the updated authentication action in authentication package => #2467
3. Use the updated strategy resolver provider in authentication package => #2312 && #2467 (The resolver will need to deal with passport strategies and non-passport) strategies.
4. /users/login will continue to be without any authenticate decorator (won't have a strategy associated with it). email and password comes in the request body, and logic for performing user credential validation will continue to be done in the controller method.
5. The JWTStrategy will be reworked to be an extension of the authentication strategy extension point so that it is discoverable via the new strategy resolver provider in 3).
6. Take into account the community PR that added authorization to user orders.
   feat: addition of current user authentication in the request to creat… #71. Related to: The First Scenario: Authenticated orders (a minimal authentication) loopback-next#1998

Acceptance Criteria

• Updated documentation to guide user through steps of: starting database and redis, adding users to the database, logging in with email and password and receiving a jwt token, and using this jwt token with a REST Client (if API Explorer is not updated to pass credentials or tokens with requests) to access the authenticated endpoints, and using API Explorer for the non-authenticated endpoints
• Updated unit, acceptance, and integration mocha tests

[JesusTheHun]

That would be so awesome if this was released this month ! ♥

[bajtos]

@emonddr you may want to revive this pull request to upgrade example-shopping to v2 of our authentication module: #114 You can also run git chery-pick 85098b6a to add the commit from that pull request into your feature branch implementing the necessary changes and refactorings.

[jannyHou]

🎉 PR merged.