gbv / login-server

Login and connect accounts with multiple identity providers
https://coli-conc.gbv.de/login/
MIT License
31 stars, 32 forks

Add local file strategy #29

Closed nichtich closed 5 years ago

nichtich commented 5 years ago

For testing purposes and small, controlled lists of accounts. Requires rate limiting and encryption of passwords. I'd use passport-local-htpasswd for simplicity because .htpasswd files are well-known and because it's made clear they are only for authentication (no additional user information).

stefandesu commented 5 years ago

I added local authentication via passport-local. The users are written directly to providers.json, and bcrypt is used for hashing/salting the password. I also added a script to manage local providers and their users that allows creating/deleting providers/users (and hashes the user's password). Is this enough for this issue?

nichtich commented 5 years ago

I'm not happy with supporting local users because it makes it more difficult to convince use of ORCID, SAML, or other identity providers, but anyhow...

stefandesu commented 5 years ago

We don't have to advertise that to the end users. We added it for a fairly specific use case and it should stay that way.