refactor login as to be impersonation with better login/logout

Modifies the existing "login as" feature to be called impersonation.

This also adds:

* Application keep track of who is impersonating the user so they can revert back to the original user without having to log out.
* Stores the user profile via `HTTP_REFERER` so you get redirected back to the person you have impersonated once you stop.

## Screenshots:

![](http://sindacio.us/i/2015-10-28_17-52-41.png)
![](http://sindacio.us/i/2015-10-28_17-53-08.png)

See merge request !1702