Deprecate use of leap.common.http
leap.common.http uses several hacks to use authentication based on cookies for sessions. it also uses private apis of twisted.web, which is highly discouraged. we should migrate to use treq and deprecate this module.