Redirect unauthenticated users to the sign in page
instead. Rationale:

- The content on the welcome page is what often belongs
  to a separate "marketing site". The marketing content
  is of no use on self-hosted instances, which typically
  have new signups disabled and are for internal use only
- (the real reason, let's be honest) a number of
  self-hosted instances are accessible over the public
  internet. Search engines index the nearly identical
  landing pages and see them as duplicated content.

Fixes: #281

Fixes: #581

cc: #556

Channel.last_notify is the datetime of the most recent
notification sent via the channel. Channel.last_error is
the error message (blank if the delivery was successful).

In the integrations list, "Last Notification" column,
use these fields instead of looking up the most recent
Notification object. This saves some db queries,
and also fixes a subtle issue: if prunenotifications
cleans up all notifications for a given channel, the
"Last Notification" column would display "Never", which
would not be correct – not any more.

The jsonify decorator parses request payload as JSON
and puts it in request.json. The payload would normally
be a complex object, but if a client sends, let's say,
a single integer, then request.json is a python int.

The authorize decorator looks for API key first in request
headers, then in request body. It expects the request
body to be a complex object.

This commit changes adds the following validation rule in
the jsonify decorator: if request body is not empty, it
*must* parse as JSON, and the root element of the parsed
document *must* be a dict.

Fixes: #574

If the email body is above a certain size, Gmail trims it
and displays "[Message clipped]  View entire message" at
the end. The spaceless tag is a quick fix to reduce
HTML size a bit and allow more table rows to fit before
clipping.

With a catch-all "except:" rule, we would swallow any unexpected
exceptions (ValueError, etc.) in cronsim. But we want to know
about them. cron_preview is a place where we can afford to crash, and generate a crash report.

Previous retry logic was:
- max 3 tries
- every try times out after 5 seconds

The new retry logic is:
- max 3 tries
- every try times out after 10 seconds
- if the first two tries have used > 10 seconds, don't
  do the third try

cc: #569

cc: #565, #568

Context: #568