Redirect unauthenticated users to the sign in page
instead. Rationale:

- The content on the welcome page is what often belongs
  to a separate "marketing site". The marketing content
  is of no use on self-hosted instances, which typically
  have new signups disabled and are for internal use only
- (the real reason, let's be honest) a number of
  self-hosted instances are accessible over the public
  internet. Search engines index the nearly identical
  landing pages and see them as duplicated content.

Fixes: #281

Fixes: #581

cc: #556

The jsonify decorator parses request payload as JSON
and puts it in request.json. The payload would normally
be a complex object, but if a client sends, let's say,
a single integer, then request.json is a python int.

The authorize decorator looks for API key first in request
headers, then in request body. It expects the request
body to be a complex object.

This commit changes adds the following validation rule in
the jsonify decorator: if request body is not empty, it
*must* parse as JSON, and the root element of the parsed
document *must* be a dict.

Fixes: #574

Previous retry logic was:
- max 3 tries
- every try times out after 5 seconds

The new retry logic is:
- max 3 tries
- every try times out after 10 seconds
- if the first two tries have used > 10 seconds, don't
  do the third try

cc: #569

Fixes: #566

Fixes: #565

Also, split Dockerfile into two stages, so rust
and other build dependencies don't end up in the final image.

Note cryptography has binary wheels for various architectures,
but unfortunately not for 32-bit arm. And, starting from v35.0.0,
cryptography requires rust to build from source.

1. Drop API support for GET, DELETE requests with a request body.
Healthchecks had an undocumented quirk where you could authenticate a
GET or DELETE request by putting a '{"api_key":"..."}' in request body.
This commit removes this feature.

Note: POST requests can still authenticate either by sending
a X-Api-Key header, or by putting a "api_key" key in request body.
GET and DELETE requests can now only authenticate with the
request header.

2. Add missing @csrf_exempt annotations in API views
When client sends a HTTP POST request to a GET-only endpoint,
the server is supposed to respond with "405 Method Not Allowed".
Due to CSRF checking, a couple endpoints were responding with
"403 Forbidden" instead. Adding @csrf_exempt annotations fixes
the problem.

cc: #552

Fixes: #77

This fixes a security issue:
- attacker can crafts a redirect URL to an external site
- attacker gets victim to click on it
- victim logs in
- after login, Healthchecks redirects victim to the external site

The _allow_redirect function now additionally
requires the redirect URL is relative (has no scheme or domain).

Fixes: #548

Fixes: #354

Fixes: #323

Fixes: #539

PagerDuty Connect is deprecated and will be discontinued.
It is replaced by PagerDuty Simple Install Flow (see
README for setup instructions).

Fixes: #512