* Initial codebase (lot of work!) * Uses vanilla Go net/http and implements by hand: session cookies backed by Redis; log in/out; CSRF protection; email verification flow; initial database models (User table)