This repository has been archived by the owner on Jul 21, 2022. It is now read-only.

New Auth System + Added logout and allowed updating user info #92

Merged
merged 1 commit into from
Jul 9, 2021

Conversation

Collaborator

@FireMario211 FireMario211 commented Jul 9, 2021

What this pull request adds is a short revamp of the authentication system, as it adds a Refresh Token.

Refresh Tokens are used to refresh Access Tokens; that way, if a user's permissions or their info were updated, it can be updated without always having to check the database for the user info.

Access Tokens usually expire in an hour, but this can be changed. It's recommended to keep the time short, though.

This PR also adds a new endpoint, which is /api/user. This allows the user to be able to update their info, such as email, name, and password.

You can also delete the session or log out by sending a POST request to /api/user/logout. This is also added to the billing page, where you can log out.

I've also fixed a bug where, if a JWT token was expired, it crashed the server unless it's restarted.

If there are any bugs with this PR, please let me know so I can fix them.

github-actions bot commented Jul 9, 2021

SQL Risks Found

src/sql/init.sql
+-------------------------------------------------+
|                   SQLCHECK                      |
+-------------------------------------------------+
> RISK LEVEL    :: ONLY MEDIUM AND HIGH RISK ANTI-PATTERNS
> SQL FILE NAME :: src/sql/init.sql
> COLOR MODE    :: DISABLED
> VERBOSE MODE  :: DISABLED
> DELIMITER     :: ;
-------------------------------------------------
==================== Results ===================

-------------------------------------------------
SQL Statement:
-- initialize all tables
create table if not exists users (
  user_id integer not null primary key, -- the users id
  registered timestamp not null, -- when the user registered
  name text not null, -- the users real name
  email text not null, -- for contacting the user
  password text not null, -- required
  salt text not null, -- extra security, this will be used as an extra salt
  verified integer not null default 0, -- if the user verified their email (1) or if they verified their phone # (2)
  permission_id integer not null default 0 -- users permission id.
);
[src/sql/init.sql]: (HIGH RISK) (LOGICAL_DATABASE_DESIGN ANTI-PATTERN) Generic Primary Key
[Matching Expression:  id ]

[src/sql/init.sql]: (MEDIUM RISK) (PHYSICAL_DATABASE_DESIGN ANTI-PATTERN) Imprecise Data Type
[Matching Expression: real]


-------------------------------------------------
SQL Statement:
create table if not exists invoices (
  invoice_id integer not null primary key,
  opened timestamp not null,
  due timestamp not null,
  price real not null default 0.00,
  currency text not null default '€'
);
[src/sql/init.sql]: (MEDIUM RISK) (PHYSICAL_DATABASE_DESIGN ANTI-PATTERN) Imprecise Data Type
[Matching Expression: real]


-------------------------------------------------
SQL Statement:
create table if not exists sessions (
  session_id integer not null primary key, -- session id
  user_id integer not null, -- user id
  jwt text not null, -- jwt token (refresh token)
  createdin timestamp not null, -- when the token was created
  expiresin timestamp not null, -- when the token expires
  ip text not null, -- remote address
  rememberme integer not null default 0 -- will change what expiresin should be
);
[src/sql/init.sql]: (HIGH RISK) (LOGICAL_DATABASE_DESIGN ANTI-PATTERN) Generic Primary Key
[Matching Expression:  id ]


-------------------------------------------------
SQL Statement:
create table if not exists tickets (
  ticket_id integer not null primary key, -- ticket id
  user_id integer not null, -- user id of who created the ticket.
  subject text not null default 'ticket', -- ticket subject (or title)
  content text not null default 'message', -- contents of the ticket.
  category_ids text not null default '0,1', -- category(s) for the ticket. (0 being billing, and 1 being bug)
  status integer not null default 0, -- status of the ticket, if its open (0), or if its closed (1).
  opened timestamp not null, -- when the ticket was opened.
  closed timestamp not null default 0, -- when the ticket was closed.
  files text not null default 0, -- any files that are uploaded. (will be shown in url form)
  level integer not null default 3, -- level of support
  createdin timestamp not null, -- when the ticket was created.
  editedin timestamp not null default 0 -- when the ticket was edited.
);
[src/sql/init.sql]: (HIGH RISK) (LOGICAL_DATABASE_DESIGN ANTI-PATTERN) Generic Primary Key
[Matching Expression:  id ]


==================== Summary ===================
All Anti-Patterns and Hints  :: 5
>  High Risk   :: 3
>  Medium Risk :: 2
>  Low Risk    :: 0
>  Hints       :: 0

@FireMario211 FireMario211 merged commit ee961db into main Jul 9, 2021
@FireMario211 FireMario211 deleted the new-jwt branch July 9, 2021 15:55