How you will query the code and use the data should help drive how to design the schema.
What will the query be to log a user in? It is possible to match against a whole document ($elemMatch) and if stored in a list you'd have to do that. Otherwise you could match against User1 username and User2 password if using dot notation.
So you could use that schema but you have to be careful and probably isn't best practise, especially if you want to look at the nested user object it would be cumbersome. Also having large unbounded Lists will not perform well.
As for adding the user to the request context - you can always create your own context to do that.
It might be better to flip it and use the authentication frameworks in Django but add the client to a user.