[FastAPI] use User.has_credential for auth requirements
For many of our authorization requirements now, we bypass has_credential
. We should be using it, however, as all the authorization is figured out through that path already in PHP and we don't need to reinvent the wheel.
We should do a code-base revision where we swap in has_credential
for places where it should be used but is not.