ConduitPlatform / Conduit

Batteries-included backend that works with any stack.

Home Page: https://getconduit.dev

[FEAT] Authentication module's initial run should not depend on Email or further configuration

kon14 opened this issue

Is your feature request related to a problem? Please describe.

Most deployments require some form of authentication.
In our case, that pretty much translates to having the Authentication module available.
Therefore, most users wishing to try out Conduit for the first time are most likely not going to be head over heels with the concept of spending much time on configuring it just so they can move on to finally giving the project a spin.

The module's initial configuration currently enables the "local" authentication strategy.
This is fairly convenient and greatly facilitates initial setup as it involves no third party providers.

The issue arises from "local" authentication defaulting to an email identifier, which results in Authentication's full initialization effectively depending on either:

  1. the user updating Authentication's config to make use of a username-based identifier
  2. the Email module being available and properly configured

Option 1) requires a one-time administrative configuration request. Not too bad, until you consider how this affects our documentation and overcomplicates what would otherwise be fairly simple first-timer tutorials.

Regarding 2), the problem is only magnified, as choosing to actually go with an email identifier not only requires that the Email module is brought online and configured, but also results in users having to possibly create an account at an email provider and specify all their creds in the module's configuration.
Unavoidable for actual deployments, but definitely overkill for trying out the project.

Describe the solution you'd like

The Authentication module should not depend on the Email module being configured nor available on initial run.
I can think of a couple different ways to achieve this.
Regardless of which one we end up going with, we should keep defaulting to the "local" authentication.

a) Have "local" auth strategy default to a "username" identifier. Extremely easy to do, but username auth is non-ideal.

b) Keep defaulting to "email", switching off "sendVerificationEmail" and "verificationRequired", then only have Authentication actually wait on Email if said options are actually enabled so that the barebones "email" identifier does not actually depend on the Email module.

c) Keep the default config file as is, adding an env var to override the default identifier on a non-configured instance. Kinda needlessly complicated, plus the user is also going to be aware of the env var. What if they just launch Auth once without it and have the database store the "email" identifier config etc.?

I'm leaning towards b).