* Simplify the signature for checkAuthenticationAndSync by removing onSuccess.
* Simplify the user unit tests by using failureCheck.
* Add testHelpers.failureCheck which came from network.js
* Cleanup the user unit tests a ton.

* Added tests for the various flows in required_email.
* cache off address information, clean up required_email controller a bit.
* Add some error messages.
* User.addressInfo now returns whether the primary users are authenticated with their IdP.

* email_for_token now returns whether the user needs to set their password.
* complete_email_addition now takes a password if necessary.
* Update the add_email_address page to support scheme.
* Update network.js and user.js to support these schemes.
* HUGE simplification of the Network unit tests.  Vast reduction in number.

Setting "location=1" when opening the dialog so that all users see the URL bar and can have a level of trust.

close #847

* Put the user into the primary_email flow, which will do the provisioning/redirection.

close #844

close #846

* Adding IE8 specific CSS to handle rgba backgrounds.
* Changing some borders to standard hex values instead of rgba.

close #820

* Add function.prototype.curry
* Make sure all callbacks are called through the "safe" complete function.

close #732

updated to new version of client-sessions, renamed, and re-added connect-cookie-session for example primary

SCHEMA CHANGES! update the mysql driver to support the new database apis motivated by issue #388 (identify user by userid rather than email)

Updating the "password_too_short" tooltip to be "password_length".  Add test for password too long in add_email

close #845

Conflicts:
	resources/views/verifyuser.ejs

close #845.

close #837

close #821

* the first button in the form would be clicked instead of the "submit" event, even if the first button is hidden.
* Changed the order of the DOM so that the correct button comes first in the DOM.

update all WSAPIs now that userid rather than email is stored in session after auth.  all tests pass on JSON database driver

* primary - user who is authenticated, owns address, valid cert.
* primary - user who is authenticated, owns address, but invalid cert.
* primary - user who is authenticated, but does not own address.

Required email feels more "correct", still some work to do though for working with expired certs cleanly.

* Changed the state machine so pushing a state to the stack is optional.
* Changed the verify_primary_user screen to have an optional cancel button
* Updated required_email to handle primary verification of unauthenticated users.

It is now possible to sign in to BrowserID using a primary email even if the user is not authenticated to BrowserID.  Needs a lot of cleanup.

update all database apis on the JSON side to interact in terms of user ids as the primary identifier rather than an email address.  first step toward migrating to userid in sessions instead of email addresses to solve issue #388 (and others like it) and pave the way for primaries

changed session over to benadida's node-cookie-session with encryption and signing of the cookie, closes #416, closes #832

more complete_email_addition tests.  if a password is set on the account, you may not reset it via the c_e_a api

perform password length checking everywhere a password is updated.  complete_user_creation now requires a 'pass' arg when the acct has no password (only primary accts)

email_for_token now returns whether the user must set a password to finish adding an email to their browserid account.  also write (failing) tests for imminent changes to complete_email_addition api.  also refactor db layer, adding haveVerificationToken to move code off of emailForVerificationToken that only cares about whether a verification token exists or not.  whew.

* Adding several helper functions to user to check auth status on primary.
* Adding lots of tests.
* Starting to update the required_email controller to work with primaries.

* Defer off to "primary_user" screen and let that take care of the rest.
* in user.js, formatting.