Authentication #14

Merged
merged 50 commits into from
Nov 1, 2023

@VishalDalwadi VishalDalwadi commented Jun 23, 2021

This PR implements authentication for Polypheny-Control, trying to solve issue 291. Authentication information is stored in the .polypheny/passwd file. This contains the username and password. The passwords are secured using the crypt function. However, the password file itself isn't secured. Users may find it much easier to use different commands on their computers to secure the password file, for example, setting the immutable flag on Linux systems using the chattr command. To add / remove / modify users, the polypheny-control executable has three commands: adduser, remuser and moduser. They will modify the password file. So, if the file is secured by users using the immutable flag, it would have to be reset before performing these operations.
Authentication can be enabled / disabled for local users by using the localauth.enable config.
A login page has been added to the UI to ask for credentials. If the credentials are invalid or login is not done, the user won't be able to access the index.html page.

This is an update pull request. See initial pull request for previous discussions.

ToDos:

  • The tests are failing on Windows.
  • Add license headers to the following files: AuthenticationDataManager.java, AuthenticationFileManager.java, AuthenticationManager.java, NotificationManager.java.
  • The auth.local setting should be set to false by default. This makes it significantly easier to get started with Polypheny Control.
  • Rename an existing passwd file on startup when started in testing mode and restore an existing backup when started in normal mode.
  • Write a few lines of documentation on how to manage users (we can put this in the documentation section of the website). Furthermore, it would make sense to add a few sentences to the README file.
  • Increase the default session timeout.
  • Test with both, auth.local enabled and disabled.
  • Adjusted the design of the login page to better match the design of the rest of the dashboard.
  • Print some instructions on the CLI when Control is started for the first time and no users are defined.

Closes polypheny/Polypheny-DB#291

@VishalDalwadi VishalDalwadi changed the title Authentication for control Authentication for Polypheny-Control Jun 23, 2021
@vogti vogti changed the title Authentication for Polypheny-Control Authentication Jun 28, 2021
@vogti vogti force-pushed the authentication-for-control branch from 86b43df to ce5dfc2 Compare June 28, 2021 12:01
@VishalDalwadi (Contributor, Author)

Hey, @vogti. I have completed the following:

  • Added a warning if no users exist and an option to the ControlCommand to suppress this warning.
  • Increased the default session timeout to 1 day.
  • Redesigned the login page.

I had also written some documentation for the Authentication features in the readme. Let me know if you want me to add something else.

I have some points where some improvements can be made.

  • All the authentication data is rewritten if one user is added, deleted or modified. This is okay for now since the command only works on one user at a time and is used at the command line. But later on, while allowing user management through the web, we may want to change this behavior and also consider concurrency issues.
  • We might want to simplify the different ways authentication happens, for design's sake, by creating a common abstraction for each.

Thank you. Let me know if any more changes need to be made.
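
An added example, not part of this PR or of Polypheny-Control's code: one way to keep a rewrite-the-whole-file update safe once several writers exist (web requests plus the CLI), by serializing writers and swapping the file in with an atomic rename. The class name `PasswdStore` and the one-line-per-user `user:hash` layout are assumptions made for illustration; the sample hashes are constructed.

```java
import java.io.IOException;
import java.nio.channels.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.util.*;

public class PasswdStore { // hypothetical class, not from the project
    private final Path file;     // assumed layout: one "user:hash" entry per line
    private final Path lockFile; // separate lock file, because the passwd file itself gets replaced
    public PasswdStore(Path file) {
        this.file = file.toAbsolutePath();
        this.lockFile = this.file.resolveSibling(this.file.getFileName() + ".lock");
    }
    // synchronized serializes threads in this JVM (e.g. web requests); the FileLock
    // serializes against other processes (e.g. the CLI modifying users meanwhile).
    public synchronized void putUser(String user, String hash) throws IOException {
        if (user.isEmpty() || user.contains(":") || hasNewline(user) || hasNewline(hash))
            throw new IllegalArgumentException("field would corrupt the line format");
        try (FileChannel ch = FileChannel.open(lockFile, StandardOpenOption.CREATE, StandardOpenOption.WRITE);
             FileLock lock = ch.lock()) {
            Map<String, String> entries = new LinkedHashMap<>();
            if (Files.exists(file)) {
                for (String line : Files.readAllLines(file, StandardCharsets.UTF_8)) {
                    int i = line.indexOf(':');
                    if (i > 0) entries.put(line.substring(0, i), line.substring(i + 1));
                }
            }
            entries.put(user, hash); // add or replace exactly one user
            List<String> out = new ArrayList<>();
            entries.forEach((u, h) -> out.add(u + ":" + h));
            // Write the full new content beside the target, then swap it in with one rename:
            // a reader sees either the old file or the new one, never a half-written file.
            Path tmp = Files.createTempFile(file.getParent(), "passwd", ".tmp");
            Files.write(tmp, out, StandardCharsets.UTF_8);
            Files.move(tmp, file, StandardCopyOption.ATOMIC_MOVE);
        }
    }
    private static boolean hasNewline(String s) { return s.indexOf('\n') >= 0 || s.indexOf('\r') >= 0; }
    public static void main(String[] args) throws IOException {
        Path dir = Files.createTempDirectory("passwd-demo"); // constructed sample data
        PasswdStore store = new PasswdStore(dir.resolve("passwd"));
        store.putUser("alice", "$6$examplesalt$constructed-hash-1");
        store.putUser("bob", "$6$examplesalt$constructed-hash-2");
        store.putUser("alice", "$6$examplesalt$constructed-hash-3"); // replaces alice's entry
        System.out.println(Files.readAllLines(dir.resolve("passwd")));
    }
}
```

If the passwd file carries the immutable flag described in the PR description, the rename fails with an exception and the existing file is left unchanged.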

variable names and made function names more descriptive
… create passwd file, add auth info, use ClientData to create PolyphenyControlConnector object; Modify PolyphenyControlConnector to take ClientData as constructor parameter, store jsessionid cookie

@vogti vogti left a comment


Thx, @VishalDalwadi, for this PR!

@vogti vogti merged commit 961c0e9 into polypheny:master Nov 1, 2023
12 checks passed