In order to create an override token, we require an endpoint that will take the following:
- User ID to grant permissions to
- Duration of time for token to be valid
- List of permissions to be granted by token (optional, possibly)
The result should be the override token, which will be returned in the response body.
We may potentially want to investigate decoupling this functionality from mod-login, and merely having mod-login act as an authorizing service for some other component that actually signs and returns the token. We may wish to structure our endpoints with this in mind.