By default:
- `ssid_sessions[socket.ssid]` is now `session_data`
- `require` is no longer allowed in user scripts
To access global `socket_sessions` and `ssid_sessions`, as well as `require` additional modules, you must set `privileged: true` for the specific service. See `config.json`.
- move user accounts to subdir
- add password support
- implemented basics of multi-user support
- Can add users, edit them, and log in with them (password or not)
- Cannot delete users (with service) yet
- can get telly and reach stage-two
- narrow whitelist of allowed URLS in WTVClientSessionData constructor
- enough to show wtv-1800:/unauthorized with trust priv
- Times out lockeddown users really fast ;)
- untested disk error page
