previously tokens were only like IDs, time based and incrementing counter.
An attacker could easily bruteforce them.
This patch changes tokens to be completely random.
fixes#2
also I updated packages,
and properly typed api input
a lot of time was spent, I don't remeber what really I did x3
but everything was related to replacing mysql2 with prisma
