Update JWT infrastructure to include permissions in Access Token; add source_collector permission

[maxachis]

Context

For the Source Collector app in data-source-identification, we've determined that rather than create a separate user system, we'll utilize the system we already have in this application!

Requirements

• Currently, the JWT structure inside Data Sources relies on retrieving the user's permissions from the database after authentication, using the user's email.
  • Instead, we'll need to embed these permissions within the JWT when it's created at login. ¹

• Add a source_collector permission to the data sources app database -- we'll need to grant this to select users who we want to give access to the Source Collector App.

Tests

• Some tests may need updated, but not clear which, at the moment.

Docs

• API documentation should be unaffected.

Open questions

• No open questions at this time.

Footnotes

1. This has the added benefit of reducing the number of network requests we have to make. ↩