Fix request authorization model

[casademora]

The authorization scheme is a little underwhelming at the moment. At the simplest, it should be able to use the following common methods of request authentications:

• add query parameters to GET queries
• add a basic credential header using a base64 hash of username:password string
• add a a bearer credential header returned from an oauth login