OmniAuth login: Add switch to control auto-update of attributes

[MrSerth]

I know it was in there before, but do we actually want to force users to use their real names? A user created with this method is also unable to change anything in is profile, since it always requests a password for changes. (mainly affects the avatar right now)
If the user shouldn't change those attributes we could also make them readonly or similar, to make it clear.

Originally posted by @kkoehn in #1316 (comment)

---

I fixed the issue that prevented users created through OmniAuth to change their profile, especially their avatar.

The update of the said attributes (email, first_name, last_name) is not that trivial and I decided not to touch the behavior in this PR: What do you think a user would expect? Sure, manually updating would be nice. However, if the information (especially the email address) was updated upstream, it would also be nice to store the newest information transferred. Since we get this information on every login, we just assume it's the most current and desired information.

I can think of rarely complex update procedures if we want to change this assumption and behavior, but those are clearly out of scope for this PR.

Originally posted by @MrSerth in #1316 (comment)

---

I agree with it being out of scope, but my intuitive approach would be to add a switch, with which the user can control the auto-updating.

Originally posted by @kkoehn in #1316 (comment)