fix: revert passing password hash for jwt generation

builder in Program.cs is not aware of it, so [Authorize] decorator can't
be provided data necessary to validate requests which contain JWT with
password

Controllers/GeneralUseHelperFunctions.cs

@@ -32,7 +32,7 @@ public class GeneralUseHelpers(ApplicationDbContext db, IConfiguration appsettin
         }
     }
 
-    public string GenerateJwtToken(string username, string passwordHash)
+    public string GenerateJwtToken(string username)
     {
         var claims = new[]
         {
@@ -41,11 +41,9 @@ public class GeneralUseHelpers(ApplicationDbContext db, IConfiguration appsettin
         };
 
         var key = new SymmetricSecurityKey(
-            // https://stackoverflow.com/questions/21978658/invalidating-json-web-tokens#comment45057142_23089839
-            // passwordHash is important for invalidating tokens after a user changed their password
             Encoding.UTF8.GetBytes(
                 // JwtSecret won't be null here - otherwise Program.cs wouldn't start
-                _appsettings["JwtSecret"]! + passwordHash
+                _appsettings["JwtSecret"]!
             )
         );
         var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
@@ -54,6 +52,8 @@ public class GeneralUseHelpers(ApplicationDbContext db, IConfiguration appsettin
             issuer: _appsettings["DomainName"]!,
             audience: _appsettings["DomainName"]!,
             claims: claims,
+            // https://stackoverflow.com/questions/21978658/invalidating-json-web-tokens#comment45057142_23089839
+            // small validity timeframe is important for invalidating tokens after a user changed their password
             expires: DateTime.Now.AddMinutes(5),
             signingCredentials: creds
         );