Invite links for private rooms

[jagerman]

From issue #176 - one common way semi-private rooms are set up is that the room is made private, but then an invite link is generated; anyone with the link can then join the room and be automatically granted the configured permissions.

The join link would contain an extra access token that Session can use to join a room and the SOGS would process the token and—if valid—would automatically assign the configured user permissions allowing the user to join the room.

Access tokens could have various options such as:

• permissions to grant (read, write, upload, moderator, admin).
• max # of uses; once it hits zero the token doesn't work anymore.
• expiry date; once the expiry date is reached the token doesn't work anymore.