~willvaughn/grsroot-auth

make created_at with time zone in db, mock in fake API with instant
switch to kebab-case everywhere, auto-convert out of hugsql
fix auth middleware ordering

middleware are like an onion. At definition they are wrapped, and at
runtime they run from the outside in (bottom up, in this case using ->)
add refresh_token table in migrations
add boilerplate stubbed routes for app-users
add starter sections for docs in the readme
rm get-app-by-app-id query
rm prn in restrict-by-roles
refactor authentication middleware

remove wrap-authorization
bundle authentication and access-rules middleware fn
apply auth from the services routes middleware list.
It has to happen after forma-response-middleware for some reason.
reduce app by app-id to a single database query.y
remove starter routes
use access rules to prevent app and app-role creation
fix typos and structural mistakes causing bugs in app role lookups
reconfigure middlewares, using api-defaults
remove swagger authentication, open up the API
fix nrepl version
add app-by-app-id, fix 404 for app roles w/out app
complete get-app-roles-by-app
rm db.app_user namespace
rm app_user table columns first_name and last_name

I want this service to do as little as possible, it should not need any
personally identifying information about users. Even things like
first_name and last_name should be stored by whatever app or service is
responsible for user information.
Next