a username cookie is updated and will be available
in all subsequent requests.
THIS IS NOT AUTHENTICATION! it is not safe and is
only implemented as a first edition. It does how ever
solve the issue where we are not able to see who
canged what.
* Add Travis postgresql setup.
* Replace "db mocks" with a before hook that creates the same data
through the HTTP API.
* Reset DB and re-create all fixtures for each test. We'll need
something better here.
* CAVEAT: no concept of a dev vs test database. Running tests will
clear data from the currently configured database.
