JWT check nbf/exp

[jschlyter]

• Check nbf and exp claims on JWT unpack
• Allow setting iat on JWT pack
• Allow setting maximum allowed token lifetime

Discussion: Do we want nbf/exp checking turned on by default (RFC 7519 compliant) or optional? One option would be to require the timestamp parameter to be set for time verification.

[codecov-commenter]

Codecov Report

Merging #149 (9ff84a2) into main (361ecaa) will increase coverage by 0.02%.
The diff coverage is 91.30%.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@            Coverage Diff             @@
##             main     #149      +/-   ##
==========================================
+ Coverage   76.48%   76.51%   +0.02%     
==========================================
  Files          44       44              
  Lines        4699     4713      +14     
  Branches      982      989       +7     
==========================================
+ Hits         3594     3606      +12     
  Misses        810      810              
- Partials      295      297       +2     

Files Changed	Coverage Δ
src/cryptojwt/jwt.py	77.43% <91.30%> (+0.54%)	⬆️

[rohe]

I think nbf/exp checking should be on by default.