client side, user stronger auth

[vecna]

This is the client side implementation for tracking-exposed/facebook#82

The user sign a request with their public key,
if the publicKey and the userId are valid
a secret token is returned.

This token is necessary to get in the (former) realitycheck page.

[vecna]

Finally released with the version 1.1.15