Move the AuthRequest flow to short-term storage
There's no need to hit the authoritative long-term database for AuthRequest, which is a short-term data flow. We could use the short-term storage abstraction instead, allowing multiple instances of the login UI.