Refactor the user service

- Separate the user service from the controller
- Seperate the auth service from the controller
- Move core.security to a service concerning users authentificatoin
- (Potentially) adjust tests for change in structure