update all WSAPIs now that userid rather than email is stored in session after auth.  all tests pass on JSON database driver

update all database apis on the JSON side to interact in terms of user ids as the primary identifier rather than an email address.  first step toward migrating to userid in sessions instead of email addresses to solve issue #388 (and others like it) and pave the way for primaries

changed session over to benadida's node-cookie-session with encryption and signing of the cookie, closes #416, closes #832

more complete_email_addition tests.  if a password is set on the account, you may not reset it via the c_e_a api

perform password length checking everywhere a password is updated.  complete_user_creation now requires a 'pass' arg when the acct has no password (only primary accts)

email_for_token now returns whether the user must set a password to finish adding an email to their browserid account.  also write (failing) tests for imminent changes to complete_email_addition api.  also refactor db layer, adding haveVerificationToken to move code off of emailForVerificationToken that only cares about whether a verification token exists or not.  whew.

* Adding several helper functions to user to check auth status on primary.
* Adding lots of tests.
* Starting to update the required_email controller to work with primaries.

* Defer off to "primary_user" screen and let that take care of the rest.
* in user.js, formatting.

Fixing up a bunch of async problems that were causing the unit tests to error out.  Only call complete whenever jQuery animations are complete.

implement a 'maximum request time' for bcrypt work.  server now fails more gracefully under backbreaking load, returning 503s to clients of the authenticate_user api.  update loadgen to be less dramatic about, but still display, 503 errors.  first part of issue #787 - a partial fix for #785 in dere too

Conflicts:
	resources/static/test/qunit/shared/network_unit_test.js
	scripts/compress.sh

Upgrading jQuery to 1.7.1.  Fixes a crash bug in IE8 where loading browserid.org would cause IE to restart.

close #806

issue #803

close #810

close #819

Turn license URL in ToS into a clickable link (closes #382)

* Change the add_email_address page to be Module based.
* Show the site info always.
* Add User.tokenInfo which gets the email address and site for a token.
* Add page.checkRequired which checks an options block for required fields.
* Rename pages/browserid.js to pages/start.js

* All unit tests pass again.
* Renaming primary_user_verified to primary_user_ready
* Adding a random_seed to the context info to fix the unit tests and the adding of the seed.
* Renamed all ejs templates to match their URL.
* Each page unit test writes the ejs template that it needs to the DOM.

Conflicts:
	resources/static/shared/user.js
	tests/verifier-test.js

disable 'online' check.  too many false positives to be useful.  closes #719 (@shane-tomlinson - I went for a minimal fix given we're branching the beta train right after this commit.  feel free to clean up)