Add authentication and User model

* Add User model
* Add SessionsController
* Add password authentication on User
* Request authentication for all actions except sign in
* Add some helpers for ApplicationController
* Update features to work with mandatory authentication

app/controllers/sessions_controller.rb

@@ -0,0 +1,16 @@
+class SessionsController < ApplicationController
+  skip_before_filter :authenticate!, :only => [:new, :create]
+
+  def create
+    user = User.authenticate(
+      params[:session][:email],
+      params[:session][:password]
+    )
+    if ! user
+      render 'new'
+    else
+      self.current_user = user
+      redirect_to :root
+    end
+  end
+end