sub app_enter {
  my $self = shift;

# Check auth at the app-level. If they don't pass, they don't
# get in.

  if ( not $self->authorize() ){
    die [user_error => "Not authorized."];
  }

}