Allow my users to create their own access tokens for backend requests through cli

[liorshein]

I have a main service, that allowes users through a frontend to create api tokens with expire date to use to their own free will (through cli or cicd), they can manage them, create and revoke them.

The issue is that other services I have doesnt have access to the db collection (access tokens), and I want to make sure they can verify the api token for the requests and also handle requests from the frontend as usual, while still maintaining requireAuth middleware of any other auth middleware per route.

What is the optimal way of achieving this? My stack is express, react and mongodb.

[wobsoriano]

Please see #3829

thanks!