Authentication and Session Management in the Daily Messages web apps

There are two web apps that need athentication and session management
in the DM system - the user message submitting app and the
adminstrators app. The users app uses LDAP as its authentication
source. the admin app uses the dailymessages DB as its auth
source. Both apps work the same once auth is successful:

1. Each in-app page checks to see if the current session has
been authenticated.
    A. If not, jump to login page
    B. If so, continue as normal

2. The logout page does not check to see if the session is
authenticated - it just sets auth to No/False for the session
regardless of the initial state.

3. The login page 
    A. first establishes the session.
    B. second checks to see if a username/PW has been provided.
        i. if so
            a. if they're good, then 
                - set authenticated to Yes/True for the session
                - set next_page to the home of the current app
                - set alert message to ''
            b. if they're bad
                - set authenticated to False for the session
                - set next_page to the login page w/ no username/pw
                - set the alert message to "Bad username/password"
        ii. display the login page
            a. show alert message if it exists
            b. show login form
