Is it possible to use AGs in a way to function exactly as the FCI did (keeping automatic fail over and the ability to manually fail over to patch while allowing users to use the same virtual node in their connection)?
Yes, AGs use Windows Clustering as the back-end technology. You will create a listener (a unique virtual network name) which determines what node is the Primary. The listener will also be how the application(s) will connect to the instance and databases. You can manually fail the AG over to the other node when Windows patching is occurring. Both the AG and the listener will appear in the Failover Cluster Manager as a resource after they are created.
It's also my understanding that only user databases can be part of an AG so I'm not sure how things such as logins, jobs, etc would be transferred since the system databases aren't replicated.
Yes, correct, logins, jobs, etc. will have to be manually created on the secondary from the primary usually done by scripting.
It seems as though the objective is to still protect at the instance level but leverage using AGs.
Correct - It's the best of both worlds, you are providing protection at the node (machine) level and at the database level. One of the keys with AG's is that you are providing HA for a group of databases rather than only one, as the old mirroring did.