token authentication breaks if other `Authorization` headers are present

[jeffreywescott]

From ch411

In middlewares.js, we check for an Authorization header, and then assume that it will be of type Bearer. If there is another Authorization header (not Bearer), the RegExp on line 6 doesn't match properly and we get No such property 1 of undefined on line 10.

Found while debugging with @bundacia.

Note that idm-jwt-auth is used in game and idm, so once we update and release a new version of this package we'll need to redeploy each of those services with the new version.

[jeffreywescott]

[Comment from Clubhouse user @jeffreywescott:] @prattsj: move to P4 GH?