Sepiida

----
When an Endpoint has an `authenticate()` hook so that it uses custom authentication logic sepiida will now respond with the value returned by `authenticate()` when a client calls `session.current_user()`. This makes it possible for clients of `sepiida` to transparently use their custom `authenticate()` hook and interpret the data they store in their own way without having to know any internals for how sepiida might interpret that data or request information from `pao` when calling `current_user()`.

In other words, this change does this:


class MyEndpoint(Endpoint):
def authenticate():
return {'foo': 'bar'}
def get():
assert sepiida.session.current_user() == {'foo': 'bar'}


and in doing so avoids a round-trip to `pao`

----
Add a function for getting a signed URL from durable storage. Right now it only supports being backed by S3, but that should grow over time.

----
Add function for putting data into durable storage. Right now it only supports being backed by S3, but that should grow over time.

----
Change WWW-Authenticate response header from 'Basic realm=Authentise' to 'Custom realm=Authentise'.
This will prevent browsers from showing the 'Authentication Required' modal and expecting
users to input their username and password themselves

----
Add simple functions for interacting with SQS queues so that we can start to
standardize our logic for communicating with queues. Sepiida is likely not the best
project for this, but I'll live with it for now

----
Change user URI in user fixture to use X.service domain instead of example.com.
This was necessary because of the new privileged domain logic in 3.27