* Authorization added
* added secret to password, md5 hashing, removed promise from verifyToken, deleted links when not authorized
* added dbinsert script
* turned verifyToken to middleware, added description for dbinsert, added hidden csrf field in auth form
* added middlewares, user model and controller
* JSDoc fix
* wrong password processing fix
* added comments to dbinsert script, moved salt and passHash to singe db doc
* Moved salt to .env, upgradedscript for generating password was, fixed comments and JSDoc
* Deleted using salt (now user is only one), changed verifying password to bcrypt.compare, added httpyOnly property to jwt cookie
