More optionals for decoupling middlewares

[aantron]

The middlewares are internally quite decoupled, but then configured with defaults that make some of them rely on others. Add:

• [x] Add Dream.form, Dream.multipart ~csrf:false or ~csrf:my_function for no or custom CSRF checking, which removes the dependency of the form reader on sessions (because the default CSRF checker uses tokens that are bound to sessions).
• [ ] Add Dream.sql_sessions ~sql:connection for using a different database connection other than the one supplied by Dream.sql_pool. This is probably a quite common scenario. This part probably depends on the SQL rework so the good first issue label is not about this