allow setting DATABASE_PASSWORD in the environment
Renamed the setting to DATABASE_URI, with the password filled into the
URI from the DATABASE_PASSWORD environment variable if that is defined.
The SQLALCHEMY_DATABASE_URI setting is now just used internally within
the app to pass the complete URI down to Flask-SQLAlchemy.
This change is for OpenShift, which does not have any simple way to
inject secrets into configuration files. It is simpler to make the
configuration be non-secret, and pass secrets in as environment
variables.