Revisit the passport integration

[mlaccetti]

Right now, each authentication mechanism must have a completely separate implementation, which also makes it difficult to track down issues if something goes wrong during authentication, as Ravel itself doesn't know about it. Most auth providers follow the same approach:

app.get(this.ravelInstance.get('auth path'), passport.authenticate('this-provider'));

app.get(this.ravelInstance.get('auth callback path'),
  passport.authenticate('this-provider', {
    failureRedirect: this.ravelInstance.get('login route'),
    successRedirect: this.ravelInstance.get('app route')
  })
);

We should be able to implement all of this functionality internally, and have the authentication provider expose portions that can be overridden when required. If the redirect functionality is not 100% across all providers, Ravel can also leverage passport's custom callbacks instead of mandating redirects (we'll have to figure out how to give the function the proper context - req/res/..., as required):

app.get(this.ravelInstance.get('auth callback path'),
  passport.authenticate('this-provider', function(err, user, info) {
    if (err) { return Promise.reject(err); }
    if (!user) { return Promise.resolve({redirect: '/login'}); }
    req.logIn(user, function(err) {
      if (err) { return next(err); }
      return res.redirect('/users/' + user.username);
    });
  })(req, res, next);
  })
);

[Ghnuberath]

I think it makes sense to leave AuthenticationProvider as-is, but to extend it to another abstract superclass which encompasses this functionality. That way AuthenticationProvider creators can extend either as they see fit.