Allow using Django-local accounts in addition to LDAP accounts

Currently, LDAP is checked first on authentication, and if no matching user is found in LDAP, authentication fails. This ensures that if users are removed from an LDAP directory, they immediately are blocked from AlekSIS as well.

We should evaluate allowing login for Django users as well, but we need to make sure it only works for users that were never synced from LDAP.