Api Keys hashed in DB

[Gepardgame]

Description

This PR addresses #532 by changing from API Keys being stored in plain to be stored as a hash.

Will be hashed with SHA3_256. Only at creation time are once returned in plain, so it can be used. Adds a suffix to the API Key, on which the key will be retrieved from the db. Masked Key is now at the ending the suffix. Hashed Key will be also not returned in the API.

[nscuro]

Thanks for the PR. A few comments.

Also, do you have a migration strategy in mind for this? How do we deal with existing API keys that are not hashed yet?

[Gepardgame]

Also, do you have a migration strategy in mind for this? How do we deal with existing API keys that are not hashed yet?

Simpliest way would be to provide a script, that simply gets every key, hashs it and update it in the DB. Would that suffice, or should it something be, there the user doesn't need to do anything? Then maybe temporarily support both and update it in the code, and after a while only support hashed ones. Or maybe add a function to the code that once gets all keys and updates them. That way you need to once upgrade to this version to get it to work later.

[Gepardgame]

2 things remaining:

1. when response contains an API Key, key value should not be showen, only if you create/regenerate it.
2. Team Creation should no longer support creating Api key, as the Clear API Key is never returned, and therefore cannot be used.

[Gepardgame]

@nscuro In Team Creation its no longer possible to create an api Key, which was never even used in DT.
About returning the key or not, that qould need to be done in DT, and the upgrading as well, cause we don't have upgrade scripts in ALpine directly, but only in DT then, as far as I know