[BREAKING] Auth: replace current auth tokens with more secure ones

previously tokens were only like IDs, time based and incrementing counter.
An attacker could easily bruteforce them.
This patch changes tokens to be completely random.

fixes #2

schema.prisma

@@ -20,12 +20,14 @@ model User {
 }
 
 model Session {
-  id          BigInt    @id @default(dbgenerated("(((unix_timestamp() * 1000) * pow(2,22)) + floor((rand() * pow(2,12))))")) @db.UnsignedBigInt
-  userId      BigInt    @map("user") @db.UnsignedBigInt
-  expiry_date DateTime? @default(dbgenerated("(now() + interval 30 day)")) @db.Timestamp(0)
-  user        User      @relation(fields: [userId], references: [id])
+  id           BigInt    @id @default(dbgenerated("(((unix_timestamp() * 1000) * pow(2,22)) + floor((rand() * pow(2,12))))")) @db.UnsignedBigInt
+  userId       BigInt    @map("user") @db.UnsignedBigInt
+  sessionToken Bytes     @db.Binary(64)
+  expiry_date  DateTime? @default(dbgenerated("(now() + interval 30 day)")) @db.Timestamp(0)
+  user         User      @relation(fields: [userId], references: [id])
 
   @@index([userId], map: "user_idx")
+  @@index([sessionToken])
   @@map("sessions")
 }