Consider NOT handling the authentication part here. Assume the server in front has already done it, and treat the user named in the header it sets as the authenticated (authorized) user.
Need to set up basic call-back hooks for verifying a given user's permissions. Since the "rights" storage is deployment-specific, provide a pluggable way of calling the deployment's "rights management" code through a generic interface.
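A sketch of the two pieces above as an added example (not code from this project): identity is read from an upstream-supplied header, and the permission decision is delegated to whatever rights-management callable the deployment registers. The header name, the `from_trusted_server` flag and the in-memory rights table are assumptions; the flag stands for whatever the deployment uses to know the request actually came through the authenticating server, since a client reaching this service directly could otherwise set the header itself.

```python
"""Header-derived identity plus a pluggable rights-management hook."""
from typing import Callable, Mapping, Optional

# Hypothetical header name set by the authenticating front-end server.
IDENTITY_HEADER = "x-authenticated-user"

# A rights backend is any callable (user, action, resource) -> bool.
RightsHook = Callable[[str, str, str], bool]
_rights_hook: Optional[RightsHook] = None


def register_rights_hook(hook: RightsHook) -> None:
    """Plug in the deployment-specific rights-management code."""
    global _rights_hook
    _rights_hook = hook


def authenticated_user(headers: Mapping[str, str], from_trusted_server: bool) -> Optional[str]:
    """Return the user named in the identity header, but only when the request
    arrived via the authenticating server; otherwise the header is untrusted input."""
    if not from_trusted_server:
        return None
    lowered = {k.lower(): v for k, v in headers.items()}  # HTTP header names are case-insensitive
    user = lowered.get(IDENTITY_HEADER, "").strip()
    return user or None


def is_permitted(headers: Mapping[str, str], from_trusted_server: bool,
                 action: str, resource: str) -> bool:
    """Generic permission check: resolve identity, then ask the registered hook."""
    user = authenticated_user(headers, from_trusted_server)
    if user is None or _rights_hook is None:
        return False  # fail closed: no identity, or no rights backend plugged in
    return _rights_hook(user, action, resource)


# Constructed sample backend: an in-memory rights table standing in for a real store.
SAMPLE_RIGHTS = {
    "alice": {("read", "report"), ("write", "report")},
    "bob": {("read", "report")},
}


def table_rights_hook(user: str, action: str, resource: str) -> bool:
    return (action, resource) in SAMPLE_RIGHTS.get(user, set())


register_rights_hook(table_rights_hook)
```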