Generate refresh token

[VakarisZ]

Generate our own refresh token:

We could generate a token that's exactly the same as the authentication token, but with an extended lifespan (we need to use a custom TimestampSigner that uses not the current time, but current time + REFRESH_TIMEDELTA as its timestamp). The only difference between the authentication token and the refresh token would be that the refresh token has a longer lifespan. Then, we would add another endpoint.

Tasks:

• Create a refresh token (0d) @VakarisZ
• Modify login and registration to return refresh token (0d) @VakarisZ
• Add an endpoint that allows you to login with a refresh token
• Make a refresh token distinct from access token @VakarisZ
• Add logic to the agent to use the refresh token (0d) - @shreyamalviya
• Adjust the times for refresh and authentication token (0d) @VakarisZ
• Redesign refresh strategy (1.25d)
  • BB test to verify old tokens are invalid after refresh
  • Add expiration time to all responses with tokens
  • Modify the agent to use the new scheme
  • Make the agent's HTTPIslandAPIClient to be multiprocessing-safe @cakekoa
  • Add logic to the UI to use the refresh token @ilija-lazoroski
• Cleanup vulture allowlist