Re-implement minimal length for jwt-secret

[wolfgangwalther]

It seems that after the change to jose-jwt in 465170c7d6c51dace3faf68fbb4040353d5571c0, we don't require a minimum of 32 characters for jwt-secret anymore.

The question is: Should we keep it like that or re-implement that limit ourselves? If we re-implement it, we can surely do https://github.com/PostgREST/postgrest/issues/1840#issuecomment-1034857931.

I tend to say the limit is useful and we should implement it again with a proper error message.