Remove username restriction in Public unsecure endpoint

• Also fix the validation 'prohibits' => 'required_without' for phone and username for the same endpoint.
• Log the SMS pin code sent
• Copy the request user-agent to the account table in the DB, no specific validation