Update webapp for private storage bucket

[hdoupe]

This PR updates the webapp to work with a private storage bucket. Prior to this PR, the storage bucket was public and anyone could read files directly from it. Granted, the name of each zip file and picture were UUID's and thus, semi-private. However, this makes all files completely private, and access to them is controlled through the C/S authentication system.

The only substantial change required to make this happen was to route the screenshots through a new url /storage/screenshots/[data_id].png. Thanks to the Postgresql JSON field, this was easy to do. It turns out that you can query deeply nested JSON fields such as the "id" field in this data:

{
    "outputs": {
        "renderable": {
            "outputs": [
                {
                    "id": "3da9cbab-e634-4381-b2a2-0fd8df28c414",
                    "title": "Max Scherzer v. All batters",
                    "filename": "Max Scherzer v. All batters.json",
                    "media_type": "bokeh"
                },
                {
                    "id": "1dd082e9-bc92-43c6-ac55-62dadebefe76",
                    "title": "Max Scherzer v. Brian McCann",
                    "filename": "Max Scherzer v. Brian McCann.json",
                    "media_type": "bokeh"
                }
            ]
        }
    }
}

This query will then find a Simulation object with an output that has the queried ID.

Simulation.objects.get(
    outputs__outputs__renderable__outputs__contains=[{"id": "1dd082e9-bc92-43c6-ac55-62dadebefe76"}],
)

Not going directly through to the Google Storage link for loading the screenshots seems to have a minor performance impact (100-200ms per screenshot load), but the privacy trade-off makes this tolerable.

[hdoupe]

Related to #304.