Authentication

I don't have replication steps, unfortunately. Just this comment from Alastair on the LeanKitKanBan board we were using:

> Common membership across charities
> Persistent login cookie
> Authorization (which charities you can access) is separate

This should be split into specific tasks when we come to it, as I know there are already a couple of guys looking into Auth/Authz.
