Merged PRs: #11 and #13. Fixed some PEP 8 issues and typos.

Only trust .bind_user() with a non-empty password.

Login redirect to original requested page

There are two reasons one migh call .bind_user(): you might want to
connect to an LDAP server and perform operations on that user's behalf,
or you might want to check whether a username and password pair are
valid. Unfortunately, if you give the password as an empty string, many
LDAP servers will grant you access as an anonymous user, regardless of
the username you ask for, so just because .bind_user() accepts
a username/password pair doesn't mean that's the correct password for
that user.

Therefore:

- I've added a warning to the bind_user() docstring.
- I've modified the `basic_auth_required()` decorator to guard against
  empty passwords.
- I've modified the various code examples to guard against empty
  passwords.

implements HTTP Basic Auth and fixes issue #4.

Update AUTHORS

Basic auth decorator

This is much less flexible than .login_required() (because HTTP
authentication is less flexible than custom login pages), but easier to
use in a simple proof-of-concept.

Now .login_required() and .group_required() document what they require
LDAP_LOGIN_VIEW to do.

Fixes #3.

to link to the new example using blueprints and app factories

Use a python code block for syntax rendering

Re-added flask themes, seems to work now ..