Upload authentication

[chelseatroy]

Before the holiday break, I found myself attempting to boot and run theia for the purpose of getting a pretty skeletal pipeline to run start to finish. This would accomplish 2 goals:

1. Determine how to use the app once it's running (now described in the wiki: https://github.com/zooniverse/theia/wiki/How-to-Use-the-App-Once-It's-Running)
2. Establish that the end-to-end process works.

Going into this, my interpretation of the information I had collected was that the app should work all the way through the pipeline, but that an important authentication gap remained: essentially, theia would allow anyone to upload subjects to any project.

I have a skeletal pipeline running locally that successfully fetches LANDSAT images, remaps them, and resizes them. It fails to upload them to Panoptes because the inauthenticated client cannot find the project, as it is not public.

In short, Theia does not allow anyone to upload subjects to any project because Panoptes (rightfully) does not allow that. Theia must cooperate with Panoptes authentication in order for this step to work.

This is good news and bad news.

The good news: The problem here isn't that a previously working thing broke. It's that something never worked, and authentication was, in fact, on the radar as a thing that needed to be done. So we haven't lost time to a step we didn't anticipate here. The only difference is that Theia cannot function without this step, as opposed to being functional but not deployable without this step.

And that's the bad news, if you want to call it that. To get the app to run anywhere (not just prod), it has to do this right.

So this PR will handle that, and will in so doing address this ticket (which, according to the ticket, "has been a struggle," but is nonetheless a necessity): #77