feature: Issue PASETO tokens instead JWT by default #182 #18

Open
greenpau opened this issue Jan 22, 2022 · 0 comments

@greenpau
Owner

A clear and concise description of what you want the system to do.
Background

The Authenticator.grantAccess function is responsible for the issuing of signed
tokens to authenticated and authorized users. The function is also responsible
for the adding of sessions into the session cache.

The grantAccess issues an already generated token. It is being stored
in usr.Token.

The following functions invoke grantAccess():

  • Authenticator.authorizeLoginRequest(): pkg/authn/handle_http_login.go
  • Authenticator.handleHTTPSandbox(): pkg/authn/handle_http_sandbox.go

The authorizeLoginRequest():

  • takes in rr *requests.Request object. If it contains rr.Response.Payload
    with a map, then the associated authentication was processed successfully
  • creates user.User object from the map
  • passes newly created user.User object to be signed
    by p.keystore.SignToken()

The signing of tokens happens here in caddy-authorize.

The outstanding questions are:

  • What would be the Caddyfile directive for setting up token encoding tech (JWT
    vs PASETO)?
  • When do you determine which token encoding tech would be issued? For example,
    what if a user transform says "set token tech to JWT"?
@greenpau greenpau self-assigned this Jan 22, 2022
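
An added example, not part of the issue and not the project's code, of choosing the token encoding at the signing step: a hypothetical `signToken` uses one Ed25519 key to emit either a PASETO `v4.public` token or an EdDSA-signed JWT. The format names `"paseto"` and `"jwt"`, the function names and the sample claims are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/binary"
	"encoding/json"
	"fmt"
)

var b64 = base64.RawURLEncoding

// pae is PASETO's pre-authentication encoding: count, then length-prefixed pieces (LE uint64).
func pae(pieces ...[]byte) []byte {
	out := binary.LittleEndian.AppendUint64(nil, uint64(len(pieces)))
	for _, p := range pieces {
		out = binary.LittleEndian.AppendUint64(out, uint64(len(p)))
		out = append(out, p...)
	}
	return out
}

// signToken is a hypothetical stand-in for a keystore signer that picks the
// encoding at issue time; "paseto" and "jwt" are assumed format names.
func signToken(format string, claims map[string]any, key ed25519.PrivateKey) (string, error) {
	body, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	switch format {
	case "paseto": // v4.public: the version/purpose header fixes the algorithm (Ed25519)
		h := []byte("v4.public.")
		sig := ed25519.Sign(key, pae(h, body, nil, nil)) // empty footer and implicit assertion
		return string(h) + b64.EncodeToString(append(body, sig...)), nil
	case "jwt": // the algorithm is named inside the token's own JSON header
		in := b64.EncodeToString([]byte(`{"alg":"EdDSA","typ":"JWT"}`)) + "." + b64.EncodeToString(body)
		return in + "." + b64.EncodeToString(ed25519.Sign(key, []byte(in))), nil
	}
	return "", fmt.Errorf("unsupported token format %q", format)
}

func main() {
	_, key, _ := ed25519.GenerateKey(nil)
	claims := map[string]any{"sub": "jsmith", "roles": []string{"user"}} // constructed sample claims
	for _, f := range []string{"paseto", "jwt"} {
		tok, _ := signToken(f, claims, key)
		fmt.Println(f, tok)
	}
}
```

A verifier for the PASETO branch knows the algorithm from the `v4.public.` prefix alone, while a verifier for the JWT branch has to pin the expected `alg` itself rather than trust the header.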