Implement a lightweight authentication/authorization for the dashboard

We need to introduce a lightweight authentication and authorization layer so users only see data for projects they are approved to access, while keeping the system simple and extensible. 

To start with, we will have a simple username/password per group/project and basic access control.