Make github oauth token secure using jwt

[jamesscaggs]

The current implementation of oauth stores the access token in the local storage. This isn't secure and we need to refactor to use jwt, bcrypt, and create a session token with expiry which will be added to the authState.

Inbound requests from the client to authenticated server routes will need to check the authState on the client side before allowing the request.