When building the client web login capability in the server info resource,

we would grab the client_web_login setting from the site configuration

but use a default value of False if the setting doesn't exist in the site

configuration. We should actually be using the default value that is set in

siteconfig.py, which is True. This change fixes that.
This change also adds documentation that explains how certain services can

authenticate to Review Board via the login page and that API tokens will be

automatically created for them. We also add docs for the automatic token

expiration setting that was added in the admin authentication page.

Tested rbt login to a server that didn't have a client_web_login

  setting in site config, saw that it defaulted to web-based login.
Built and viewed the docs that I added.
Ran unit tests.