WIPACrepo/pyglidein

server-client security

Opened this issue · 0 comments

Secure the communication between the client and server by requiring an access key.

For convenience, use LDAP + JWT. Initially, a user must manually start the client to "register" with the server with their LDAP. A token then gets saved to the local filesystem, which is valid for 1 month and can be auto-revalidated every day.

If the glidein client has not talked with the server for more than a month, then a human must again "register".

Note that we can embed special fields into the JWT, such as site name or S3 key. Be sure to embed a uuid for the client, and keep a list of all uuids in the server to check for banning purposes.

Depends on #116.
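The token lifecycle proposed in this issue (register, daily revalidation, one-month expiry, uuid ban list), as an added example that is not pyglidein code. It assumes the LDAP check has already succeeded, an HS256 key held only by the server, "1 month" read as 30 days, and a `uuid` claim name; every function name here is hypothetical.

```python
import base64, hashlib, hmac, json, time, uuid

SECRET = b"constructed-demo-secret"  # assumption: server-side HS256 signing key
LIFETIME = 30 * 24 * 3600            # "valid for 1 month", taken here as 30 days
KNOWN, BANNED = set(), set()         # server-side lists of issued / banned uuids

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    return _b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def issue(site, client_id=None, now=None):
    """Mint a token after a successful LDAP registration (LDAP bind not shown)."""
    now = int(time.time() if now is None else now)
    client_id = client_id or str(uuid.uuid4())
    KNOWN.add(client_id)
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"uuid": client_id, "site": site, "iat": now, "exp": now + LIFETIME}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_sign(header + '.' + body)}"

def verify(token, now=None):
    """Return the claims of a valid token; raise ValueError otherwise."""
    now = int(time.time() if now is None else now)
    header, body, sig = token.split(".")
    good = hmac.compare_digest(sig.encode(), _sign(header + "." + body).encode())
    if not good or json.loads(_unb64(header)).get("alg") != "HS256":
        raise ValueError("bad signature or algorithm")
    claims = json.loads(_unb64(body))  # parsed only after the signature checks out
    if claims["exp"] <= now:
        raise ValueError("expired: a human must register again")
    if claims["uuid"] not in KNOWN or claims["uuid"] in BANNED:
        raise ValueError("unknown or banned client")
    return claims

def renew(token, now=None):
    """Daily revalidation: swap a still-valid token for one with a fresh expiry."""
    claims = verify(token, now)
    return issue(claims["site"], claims["uuid"], now)

def ban(client_id):
    BANNED.add(client_id)
```

Because the ban list is consulted on every `verify`, a banned client is cut off immediately rather than at its next expiry, and it cannot renew either.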