atomic-server

Require agent in all authenticated methods

Open joepio opened this issue 2 years ago • 0 comments

Currently, functions that authenticate (e.g. Store::get_resource_extended) take an Option<Agent>. If passed None, they skip authentication. If the user does not have an Agent, we pass PublicAgent. I think I made a mistake with this design, because it is insecure by default. The public case should be the None option, not the other way around.

The question that remains is: What will a sudo type of call look like? Do we pass a SuperAgent const &str? Or does the user have to call Store.get_default_agent() every time?

joepio • Sep 22 '22 08:09
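One possible shape for the change this issue asks for, as an added example that is not atomic-server's code: the `Option`-based check where `None` skips authorization, next to a variant where the caller must always say who the request is for and the bypass is an explicit value. `ForAgent`, the simplified `Store`, `get_skip_on_none`, `get` and the sample data are all hypothetical names constructed for illustration.

```rust
use std::collections::HashMap;

const PUBLIC: &str = "public"; // constructed marker for world-readable resources

/// Who a request is made for. Hypothetical type, not atomic-server's API.
#[derive(Debug, Clone, PartialEq)]
pub enum ForAgent {
    Public,        // unauthenticated caller: public resources only
    Agent(String), // authenticated agent, identified by subject
    Sudo,          // explicit internal bypass, easy to find in review
}
#[derive(Debug, PartialEq)]
pub enum Error { NotFound, Unauthorized }
/// Maps a resource subject to the agents allowed to read it (simplified).
pub struct Store { read_rights: HashMap<String, Vec<String>> }

impl Store {
    /// Shape described in the issue: `None` skips the check entirely.
    pub fn get_skip_on_none(&self, subject: &str, agent: Option<&str>) -> Result<(), Error> {
        let allowed = self.read_rights.get(subject).ok_or(Error::NotFound)?;
        match agent {
            None => Ok(()), // forgetting the agent grants full access
            Some(a) if allowed.iter().any(|x| x == a || x == PUBLIC) => Ok(()),
            Some(_) => Err(Error::Unauthorized),
        }
    }

    /// Alternative: an agent is always required; the bypass must be spelled out.
    pub fn get(&self, subject: &str, for_agent: &ForAgent) -> Result<(), Error> {
        let allowed = self.read_rights.get(subject).ok_or(Error::NotFound)?;
        let ok = match for_agent {
            ForAgent::Sudo => true,
            ForAgent::Public => allowed.iter().any(|x| x == PUBLIC),
            ForAgent::Agent(a) => allowed.iter().any(|x| x == a || x == PUBLIC),
        };
        if ok { Ok(()) } else { Err(Error::Unauthorized) }
    }
}

/// Constructed sample data: one private and one public resource.
pub fn sample_store() -> Store {
    let mut read_rights = HashMap::new();
    read_rights.insert("/private".to_string(), vec!["alice".to_string()]);
    read_rights.insert("/welcome".to_string(), vec![PUBLIC.to_string()]);
    Store { read_rights }
}

fn main() {
    let s = sample_store();
    println!("{:?} vs {:?}", s.get_skip_on_none("/private", None), s.get("/private", &ForAgent::Public));
}
```

With the enum, the least-privileged value is the one a caller reaches for when it has no agent, and every `ForAgent::Sudo` call site can be found with a text search.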