Optional user authentication

[palto42]

This change adds an option for user authentication via configuration in the settingy.py module. Three new variables are defined in the settings:

• AUTH_CREDENTIALS is a dict with the user names and a bcrypt encoded password
• SECURE_COOKIE is a string used as a salt for the secure cookies in Tornado
• COOKIE_MAX_AGE is a duration in days when the user authentication cookie will expire

If the AUTH_CREDENTIALS dict is empty, then the user "anonymous" will be used.

Previously I tried the BasicAuth implementation suggested in #53, but was not fully satisfied. Main things I missed was encrypted password storage and a logout option. The usage of secure cookies for authentication was suggested in the Tornado user guide.

[GabrieleCalarota]

What's missing here to be able to merge?