Create JWT token processor for full security

The processor/s should be able to create/read/verify the JWT token

Note: For security, we should deprecate the existing login token, rather than offer both: Stateless JWT will provide much better security than a DB stored token.

The implementation should also allow for the configuration of a separate authorisation server/service