feat: ✨ swap auId in JWT for individual token

note: has not been tested to ensure there are no collisions, todo

src/main/java/icu/samnyan/aqua/net/UserRegistrar.kt

@@ -34,6 +34,7 @@ class UserRegistrar(
     val cardService: CardService,
     val validator: AquaUserServices,
     val emailProps: EmailProperties,
+    val sessionRepo: SessionTokenRepo,
     final val paths: PathProps
 ) {
     val portraitPath = paths.aquaNetPortrait.path()
@@ -233,6 +234,12 @@ class UserRegistrar(
 
             // Save the user
             userRepo.save(u)
+
+            // Clear all tokens if changing password
+            if (key == "pwHash")
+                sessionRepo.deleteAll(
+                    sessionRepo.findByAquaNetUserAuId(u.auId)
+                )
         }
 
         SUCCESS