Allow expires at in generates_token_for to be a proc

[jackozi]

Motivation / Background

The expires_in option in generates_token_for currently only accepts static duration values. Giving us no way to determine the expiration dynamically at runtime e.g., based on a per-tenant timeout.

Detail

TokenDefinition now has a resolved_expires_in method that evaluates expires_in if it's a proc, and returns as-is otherwise. The memoization on full_purpose has been removed so that procs are resolved on each call. Both generate_token and full_purpose now use resolved_expires_in. This allows usage like:

generates_token_for :password_reset, expires_in: -> { Current.tenant.password_reset_token_timeout }

Checklist

Before submitting the PR make sure the following are checked:

• This Pull Request is related to one change. Unrelated changes should be opened in separate PRs.
• Commit message has a detailed description of what changed and why. If this PR fixes a related issue include it in the commit message. Ex: [Fix #issue-number]
• Tests are added or updated if you fix a bug or add a feature.
• CHANGELOG files are updated for the changed libraries if there is a behavior change or additional feature. Minor bug fixes and documentation changes should not be included.