Allow encrypting access tokens in Prisma dbs

[paulomarg]

WHY are these changes introduced?

With the ability to encrypt access tokens built into the Session class (#818), we should update our storage options to included that for an extra layer of security.

WHAT is this pull request doing?

Adding a new parameter to PrismaSessionStorage to pass in an encryption key to be used to encrypt data. This doesn't require apps to migrate right away since we can update rows as they rotate, but we should still recommend apps load and store every session (or wipe their table).

Type of change

• Minor: New feature (non-breaking change which adds functionality)

Checklist

• I have used yarn changeset to create a draft changelog entry (do NOT update the CHANGELOG.md files manually)
• I have added/updated tests for this change
• I have documented new APIs/updated the documentation for modified APIs (for public APIs)

[lizkenyon]

We still want just the ID here?

sessionParams.onlineAccessInfo?.associated_user.id

[paulomarg]

I think I need to rebase this onto your PR that returns the user info?

[lizkenyon]

You shouldn't. The current functionality should have the ID in the sessionParams.onlineAccessInfo?.associated_user.id

[paulomarg]

That changed slightly because we're using the property array here instead of toObject.

[lizkenyon]

aaah I missed that!

[paulomarg]

You shouldn't

I think we should still be setting all of the user fields here though, right? That's why I was thinking about rebasing.

[paulomarg]

In the end, we decided not to go forward with this as developers are probably better served by using encryption at the infrastructure level for their production databases, rather than making the API more complex at the software level.