Refactor some of the email auth flow stuff for better separation of concerns #109
Description
The more traditional CRUD app approach to stuff like email reset tokens, especially given that the tokens have their own database models, would likely be to move the associated routes out of routers/account.py and into their own routers that are specific to the tokens, treating the tokens as their own resources to be gotten and posted with resource-specific GET and POST routes. We've also got a fair amount of logic aggregated in utils/auth.py, including regex helpers, password validation helpers, email flow helpers, etc., and maybe we should be moving these to separate utility files.