rfcx/rfcx-org-archived-2020

Security (password) on phone donation admin page

Closed this issue · 1 comment

The password security is currently just an HTML overlay of the page. This is not really secure, since it can be bypassed by just removing the overlay layer from the DOM (with Google developer tools, for example).

The introduction of a password challenge is great, but it needs to be done in a secure manner, like with Basic authentication (also on the AJAX endpoints) or through some specific login page that then redirects the user to the phone donation admin page.

I hope that makes sense as a request. Thanks

In previous versions all POST requests to our mailchimp backend were secured by middleware on the backend. In 8ee2f66 I added the same middleware to the search request as well.