cri_auth: add support for LDAP's bind based authentication

We may add an ldap_dn field to the CRIUser and use the django-auth-ldap package with the following configuration:

• Prevent new account creation (AUTH_LDAP_NO_NEW_USERS = True).
• Disable user attributes update (AUTH_LDAP_ALWAYS_UPDATE_USER = False).
• Use direct bind
• Override authenticate_ldap_user() to use CRIUser.ldap_dn instead of relying on AUTH_LDAP_USER_DN_TEMPLATE.