Fix authentication

[remram44]

What do these changes do?

Update the documentation and example to mention that auth_required=True should be set when setting authenticator, otherwise clients can still send messages with no authentication.

Are there changes in behavior for the user?

No

Related issue number

#374

Checklist

• I think the code is well written
• Unit tests for the changes exist
• tox testenvs have been executed in the following environments:
  • Linux (Ubuntu 18.04, Ubuntu 20.04, Arch): {py36,py37,py38,py39}-{nocov,cov,diffcov}, qa, docs
  • Windows (7, 10): {py36,py37,py38,py39}-{nocov,cov,diffcov}
  • WSL 1.0 (Ubuntu 18.04): {py36,py37,py38,py39}-{nocov,cov,diffcov}, pypy3-{nocov,cov}, qa, docs
  • FreeBSD (12.2, 12.1, 11.4): {py36,pypy3}-{nocov,cov,diffcov}, qa
  • Cygwin: py36-{nocov,cov,diffcov}, qa, docs
• Documentation reflects the changes
• Add a news fragment into the NEWS.rst file

[remram44]

This also fixes other issues with the example, such as the username not being decoded from bytes (so no row would ever be found in the database), Argon2 being used incorrectly (it uses a random seed, you can't hash multiple passwords and compare the hashes, use verify()), and auth_require_tls=False (otherwise you can't auth at all).