Use HTTP Basic Auth #3

@jcbwlkr

The server currently uses a custom HMAC implementation for request authentication. It's a pretty naive method that isn't any better than just sending the password in plaintext, since the same HMAC/RequestID pair will always authenticate. Furthermore, because it's a custom method, it makes it harder to use existing tools to test the API. If we made the HMAC method more secure (such as including a current timestamp, the request path, and request body in the hash basis) it would just make tooling that much more difficult. Really the solution is the server needs to be behind TLS and then we can fall back to the much easier HTTP Basic Auth.

For this issue I think this is sufficient:

  1. Delete the HMAC and CheckMAC funcs from util.go and the TestHMAC func from util_test.go
  2. Change funcs signRequest and requestIsSigned to set and get the basic auth headers on the request.
  3. Change cmd/magopie/test_helpers_test.go func mustNewRequest to set an auth user/pass. Replace the var testKey with something appropriately magpie themed.
  4. Change mwAuthenticationCheck in cmd/magopie/main.go
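
A sketch of steps 2 and 4 using Go's standard library, added here as an example; it is not code from the issue or from the magopie repository. The function signatures, the `authCheck` middleware (a stand-in for `mwAuthenticationCheck`), the `statusFor` helper and the credentials are assumptions, and the server is assumed to sit behind TLS as the issue requires.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Constructed sample credentials; a real server would load these from config.
const apiUser, apiPass = "magpie", "shiny-things"

// signRequest sets the Basic Auth header (signature assumed, not the project's).
func signRequest(r *http.Request, user, pass string) { r.SetBasicAuth(user, pass) }

// requestIsSigned checks the Basic Auth header against the expected pair.
// Values are hashed first so the constant-time compare sees equal lengths.
func requestIsSigned(r *http.Request, user, pass string) bool {
	u, p, ok := r.BasicAuth()
	gotU, wantU := sha256.Sum256([]byte(u)), sha256.Sum256([]byte(user))
	gotP, wantP := sha256.Sum256([]byte(p)), sha256.Sum256([]byte(pass))
	match := subtle.ConstantTimeCompare(gotU[:], wantU[:]) & subtle.ConstantTimeCompare(gotP[:], wantP[:])
	return ok && match == 1
}

// authCheck is a hypothetical stand-in for mwAuthenticationCheck.
func authCheck(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !requestIsSigned(r, apiUser, apiPass) {
			w.Header().Set("WWW-Authenticate", `Basic realm="magopie"`)
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor sends one constructed request through authCheck and returns the status.
func statusFor(user, pass string, sign bool) int {
	req, rec := httptest.NewRequest(http.MethodGet, "/", nil), httptest.NewRecorder()
	if sign {
		signRequest(req, user, pass)
	}
	next := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })
	authCheck(next).ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(statusFor(apiUser, apiPass, true), statusFor(apiUser, "wrong", true)) }
```

Because the header is standard, the same endpoint can be exercised with existing tools such as `curl -u user:pass`, which is the tooling benefit the issue is after.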
