* Add a rate limiter to the login page.
* Fix the CSRF cookie expiring after 24 hours; it now will be a session
cookie that expires on browser exit so you get a fresh one each visit.
* Remove the dependency on go-bindata and use native Go file embed
* Add documentation
* Legacy-importer tool updates the DB primary key serial after migrating
the posts, to be max(posts.id)+1 -- especially important for
PostgreSQL and MySQL (SQLite3 correctly picked the next ID by
default?)
* Add blog archive page and RSS, Atom and JSON feeds for the blog.
URLs are /blog.rss, /blog.atom and /blog.json
