Andyterrify / another-upload-server

GNU General Public License v3.0

API Key Generation #1

Open tommitchelmore opened 3 years ago

tommitchelmore commented 3 years ago

Proposed changes

Add a feature for API key generation, which will allow an authorized user to create keys that can be used with applications such as ShareX to access services that would otherwise require a login.

Andyterrify commented 3 years ago

After some research I think it is best to use an API key/token system instead of the original JWT plan we had. To maintain the ability to revoke a specific token we'll need to store refresh tokens, in which case we might just as well use API key/tokens. If you do want to go down the JWT route then I'd suggest that we separate the auth backend into its own project, which can be reused in future projects should we need it. If we do that it would be interesting to write that in Rust too, to get some experience in it. One way that we can use JWTs and maintain the ability to revoke any at any time would be to use an arbitrary key to append to the JWT secret, only that this way any request to the API that would require auth would have to check all of the token combinations, which, looking at it now, wouldn't be too bad of a design, as ideally this wouldn't realistically handle more than, say, one to two users with one to two devices per user.
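
An added sketch of the revocable API key approach discussed in this thread; it is not code from the issue or from the project. The `ApiKeyStore` class, the `aus_` prefix and the in-memory dict standing in for a database table are all assumptions made for illustration. Each key carries a public key id, so a request is checked against one stored row, and only a hash of the secret part is kept server-side.

```python
import hashlib
import hmac
import secrets
from typing import Optional

PREFIX = "aus"  # hypothetical prefix, makes leaked keys easy to spot in logs


class ApiKeyStore:
    """In-memory stand-in for a table of issued keys (assumption, not project code)."""

    def __init__(self) -> None:
        # key_id -> {"user": str, "digest": bytes, "revoked": bool}
        self._rows = {}

    def issue(self, user: str) -> str:
        """Create a key for `user`. The full key is returned once and never stored."""
        key_id = secrets.token_hex(8)        # public lookup handle
        secret = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        self._rows[key_id] = {
            "user": user,
            "digest": hashlib.sha256(secret.encode()).digest(),
            "revoked": False,
        }
        return f"{PREFIX}_{key_id}_{secret}"

    def verify(self, presented: str) -> Optional[str]:
        """Return the owning user, or None for malformed, unknown or revoked keys."""
        parts = presented.split("_", 2)      # the secret itself may contain "_"
        if len(parts) != 3 or parts[0] != PREFIX:
            return None
        row = self._rows.get(parts[1])
        if row is None or row["revoked"]:
            return None
        digest = hashlib.sha256(parts[2].encode()).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        if not hmac.compare_digest(digest, row["digest"]):
            return None
        return row["user"]

    def revoke(self, key_id: str) -> bool:
        """Revoke one key by id; other keys of the same user keep working."""
        row = self._rows.get(key_id)
        if row is None:
            return False
        row["revoked"] = True
        return True
```

A fast hash such as SHA-256 is adequate here only because the secret is a full-entropy random value; it would not be for user-chosen passwords.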