Cache password credentials received, and if they succeed or fail.

This is intended to reduce the load on external authenication sources as most (all?) CalDAV clients use HTTPBasicAuth to authenticate and if an external source is used, every request we receive requires external authentication. This can place a large load on those external sources.

This caches a SHA256 salt and peppered hashed copy of the password. I am thinking this is safe enough as it is hashed, so the original is not kept.

Closes #254.