Authentication from mutliple JWT issuers

[MeStrak]

Is your feature request related to a problem? Please describe.

As Whispr is designed to be a hub that multiple clients to connect to, it would be great to offer authentication which allows direct passthrough and validation of JWTs for those clients to avoid the need for an additional authentication against whispr.

Describe the solution you'd like

• Clients within a trusted environment should be able to log in with their existing JWTs.
• Security config should be parameterised and not hard coded.
• All queries/mutations/endpoints should be secured (possibly with a global guard).

Describe alternatives you've considered

Option x

• Use standard passport-jwt which allows for only a single JWT issuer or secret.
• This option is not selected because it would either force additional authentication to whispr, or limit each whispr instance to only one client.

Option y

• Use an extended version of passport-jwt implemented in @MeStrak/passport-multi-jwt which allows configuration using an array of passport-jwt configurations.
• Manage configuration through an env var, so that no code modification is required to configure an additional JWT issuer or secret.
• Use of guards to be reviewed - a global guard might be possible, but we should take into account future requirements of restrictions at Application ID level (see additional context)

Additional context

This feature covers authentication only, not authorisation. As a next step we should look into authorisation at application ID level to protect the data further.

[MeStrak]

Implemented with #694