Running webapp locally doesn't require setting up secrets

Closes #1973 (closed)

This MR is making local secrets optional in two places:

• we default a missing express-session secret to test-secret when webapp runs in dev
• we skip the whole 3rd party OAuth configuration (GitHub, GitLab, Twitter) if github:user_client_id config is missing

Future improvements

• the create-seed-data script could create nicer data (not the cryptical names like _testuser_31583152697585) and it could upsert the entities instead of creating new every time
• making sure that when the redis container gets removed, we don't invalidate the seed users
• we could only switch off specific OAuth providers if their secretes are missing (now it's all or nothing, but user might want to only test GitLab OAuth)
• Making sure a subset of tests can run locally without the secretes, right now they seem to be failing

The create-seed-data.js output

~/w/t/webapp ❯❯❯ npm run create-seed-data

> gitter-webapp@19.2.0 create-seed-data /Users/tomas/workspace/tmp/webapp
> node scripts/utils/create-seed-data.js

========================
You've successfully created seed data

There is now a public room http://localhost:5000/_test_71583152697585

And there are two users:

User A (_testuser_31583152697585) is part of the room
    - you can log in by going to http://localhost:5000/?access_token=_test_8a60532b_99f4_406f_b188_1f792153a698
User B (_testuser_61583152697585) is not part of the room
    - you can log in by going to http://localhost:5000/?access_token=_test_ac66b02c_8490_45ac_ae64_03757086ee63
========================
redis handler failed during shutdown: TypeError: Cannot read property 'activeMasterClient' of undefined