[x] create a cognito user that can be used for SDK specs (credentials stored in circle)
[x] get a JWT for the user (see PR)
~i tried to do this using the AWS SDK and couldn't quite figure it out. will try using superagent to emulate a user browsing to the cognito login page. will likely require parsing a CSRF token out of the login form, then POSTing the user/pass/csrf, and getting the JWT value from the redirect response.~ figured this out! see PR.
[x] set the user's JWT in the sinopia client (see PR)
[x] make some requests, check that the user doesn't get a 401 unauthorized HTTP response (see PR)