Currently, non-existing username is allowed to be added as a reviewer in Review Board review request even though the username does not exist in the HTTP Digest .htpasswd file. 

The fix involves creating a new helper function that checks if the username is found in the .htpasswd file and have both the authenticate and get_or_create_user functions call this helper function. It will not create a user if the username is not found, and hence it will not allow non-existing username to be added as a reviewer.

Added a test suite for the HTTPDigestBackend class that covers the three methods in the class.
As for manual checking, I attached a couple of files to show the output on the review request.

The first screenshot shows error when adding non-exsiting user as a reviewer. 

The second screenshot shows that an existing user is added as a reviewer successfully. 

The third screenshot shows all the users I have on the list.