Account functionality extended, API authentication implemented

- Can now add a second email address to your account and delete one of 
your email addresses
- Reset password now works
- Resetting the password of an account without a password set will set 
one
- Email templates overhauled
- Login tokens limited to close previously devastating ($800 database 
bill) security hole
- Login with REST API now works
- Once logged in, authentication of API calls with token works
- Creatures can now be fetched using the API

app/imports/api/users/methods/linkWithPatreon.js

@@ -0,0 +1,20 @@
+// Adds accounts-patreon support to bozhao:link-accounts
+import { Meteor } from 'meteor/meteor';
+import { Accounts } from 'meteor/accounts-base';
+
+export default function linkWithPatreon(options, callback) {
+  if (!Meteor.userId()) {
+    throw new Meteor.Error(402, 'Please login to an existing account before link.');
+  }
+  if (!Package['patreon-oauth']) {
+    throw new Meteor.Error(403, 'Please include patreon-oauth package');
+  }
+
+  if (!callback && typeof options === 'function') {
+    callback = options;
+    options = null;
+  }
+
+  const credentialRequestCompleteCallback = Accounts.oauth.linkCredentialRequestCompleteHandler(callback);
+  Package['patreon-oauth'].Patreon.requestCredential(options, credentialRequestCompleteCallback);
+}