Auth improvements

[erno]

• Async-enable the authentication hook
• Expose QNetworkAccessManager in asset api so can enable http authentication there

Only thing is that asset api seems to be accessible also from untrusted scripts.
It already has some functionality that shouldn't be exposed (eg. like ability
to upload arbitrary stuff from filesystem to http storages). This should be solved
by either hiding the asset api from untrusted scripts, moving the sensitive
slots out of AssetAPI.

[erno]

collecting feedback from irc:
12:41 < Pforce_> e`: virtual QNetworkAccessManager* GetNetworkAccessManager() {
return NULL; }
12:42 < Pforce_> 0 would be nicer, we are not a c app

12:45 < Stinkfist> e`: you can remove GetNetworkAccessManager from IAssetStorage
12:46 < Stinkfist> put to HttpAssetStorage only
12:46 < Stinkfist> goes to same metaobject anyways, so can be accessed ok from
scripts
12:46 < Stinkfist> also remove the Get-prefix ;)

[juj]

Having a virtual QNetworkAccessManager* IAssetStorage::GetNetworkAccessManager() is not ok, as it leaks implementation details only relevant to HttpAssetStorage to the IAssetStorage implementation. If this is for scripting purposes, the property can be exposed at runtime without exposing the details into the base class, as Stinkfist outlined.