The server should return a 400 if the login ID exists but the password is incorrect, and also a 400 if the login ID doesn't exist. The two errors must not be distinguishable (same status code, same response body), because a distinguishable response lets malicious actors enumerate valid login IDs and then focus their guessing on those accounts.
### Completion criteria for developers
- [ ] Add endpoint: `POST` `/accounts/user/sessions`
- [ ] Return a 400 if the account login ID doesn't exist
- [ ] Return a 400 if the account login ID and password are incorrect
- [ ] Return a 403 if the user account is disabled
- [ ] Encrypt a random token and store it in the database, along with the creation date and the IP address that requested its creation
- [ ] Return the unencrypted token to the client
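The following is an added example of how the handler for the checklist above could look; it is not code from this project. It uses a constructed in-memory account table instead of a real database, assumes a success status of 201 (the issue does not specify one), and, because the Python standard library has no authenticated encryption, stores an HMAC-SHA256 of the token under a server secret rather than an encrypted copy; that is a substitution for the "encrypt" step which still keeps a leaked session table from yielding usable tokens. The two failure paths return the identical tuple, and the unknown-ID path runs a dummy password hash so it costs the same time as a real verification.

```python
import hashlib
import hmac
import os
import secrets
from datetime import datetime, timezone

# Hypothetical server-side secret keying the token HMAC (assumption: in a real
# deployment this comes from a secret store, never a constant in source).
TOKEN_KEY = b"example-server-secret-not-for-production"
PBKDF2_ITERATIONS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 password hash; the same cost on every code path."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


# Constructed in-memory "database" standing in for the real one.
_ALICE_SALT = os.urandom(16)
_BOB_SALT = os.urandom(16)
ACCOUNTS = {
    "alice": {"salt": _ALICE_SALT, "pw_hash": hash_password("correct horse", _ALICE_SALT), "disabled": False},
    "bob": {"salt": _BOB_SALT, "pw_hash": hash_password("hunter2", _BOB_SALT), "disabled": True},
}
# Session rows keyed by the protected (HMAC'd) token, never by the plaintext token.
SESSIONS = {}

# Used when the login ID does not exist so that path does the same work as a
# real verification; otherwise response time would reveal which IDs exist.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = hash_password("dummy", _DUMMY_SALT)

# One shared response object for both failure cases: same status, same body.
INVALID_CREDENTIALS = (400, {"error": "invalid login ID or password"})


def protect_token(token: str) -> str:
    """What gets stored: a keyed one-way transform of the random token."""
    return hmac.new(TOKEN_KEY, token.encode(), hashlib.sha256).hexdigest()


def create_session(body: dict, remote_addr: str):
    """Handle POST /accounts/user/sessions. Returns (status, json_body)."""
    login_id = body.get("login_id", "")
    password = body.get("password", "")
    account = ACCOUNTS.get(login_id)

    if account is None:
        # Unknown ID: burn the same hashing cost, then return the shared error.
        _ = hmac.compare_digest(hash_password(password, _DUMMY_SALT), _DUMMY_HASH)
        return INVALID_CREDENTIALS

    if not hmac.compare_digest(hash_password(password, account["salt"]), account["pw_hash"]):
        return INVALID_CREDENTIALS

    # Checked only after the password verified, so the 403 is visible solely
    # to a caller who already holds valid credentials.
    if account["disabled"]:
        return 403, {"error": "account disabled"}

    token = secrets.token_urlsafe(32)  # 256 bits of CSPRNG output
    SESSIONS[protect_token(token)] = {
        "login_id": login_id,
        "created_at": datetime.now(timezone.utc).isoformat(),
        "ip": remote_addr,
    }
    # The client receives the plaintext token; only its HMAC is persisted.
    return 201, {"token": token}


def lookup_session(token: str):
    """Resolve a presented bearer token to its stored session row, or None."""
    return SESSIONS.get(protect_token(token))
```

Two things to verify when reviewing the real implementation: the two 400 responses must match byte for byte (a different error string or a different header is enough to enumerate accounts), and the 403 still confirms that the account exists, so it is acceptable only because it sits behind a successful password check.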