Investigate token usage with FastAPI

[harryjmoss]

EDIT: Updated description to remove references to HSDS

We will need to produce some sort of bearer token after successful user auth against the Virgo DB

See fastAPI docs - doesn't have to be JWT tokens

More detailed description: Ideally we will not manage a list of users and passwords, but use the existing Virgo DB HTTP authentication to generate a token that can be used to access our API endpoints.

Definition of done:

• [x] We have a good understanding of what's possible token-wise with FastAPI
• [x] We know where to get started with a minimally viable version of the token generation, following successful Virgo DB authentication

[harryjmoss]

Updated this to remove references to HSDS