changes authentication to no longer use a refresh token & access token
for accessing protected endpoints. Instead only an auth token is used.
Before the login flow was:
Login -> get refresh (stored as HttpOnly cookie) + access token (stored in memory) ->
protected endpoint request (attach access token as Authorization header) -> access token expires in
15 minutes, so use refresh token to obtain new one when that happens
now it looks like this:
Login -> get auth token (stored as HttpOnly cookie) -> make protected endpont
request (token sent)
the reasoning for using the refresh + access token was to reduce DB
calls, but in the end I don't think its worth the hassle.
was getting the current draggable list based on whatever task group
the task was in, ignoring that that task group might be different (when
the task was dragged to a new list)
