Sascha requested to merge develop into master Jan 19, 2020

Changes

Feature: Added MAX_API_KEY_TOKEN_TIME_VALID to allow to restrict session duration for API tokens
Feature: Added MAX_APP_TOKEN_TIME_VALID to allow to restrict session duration for APP tokens
Feature: Added ALLOW_MULTIPLE_SESSIONS to allow to restrict the amount of open sessions per user
Feature: Added AUTO_PROLONGATION_TOKEN_TIME_VALID to allow to force automatic logout after inactivity
Security: Upgraded libraries with vulnerabilities