implement OAuth-based authentication
Currently the authentication only works if you are creating the websocket from the same site (here, we use the session authentication), or if you are able to modify the header for the initial GET request (we can do this with Python, for instance). We cannot have authentication from other domains (e.g. the frontend at https://marine-date.de wants to make a connection to a backend module connected to https://www.clm-community.eu). To enable such a connection, OAuth is definitely the way to go. Unfortunately, however, there is no standard about how this should be implemented. Therefore I would make a message-broker-specific implementation here and send the token via the websocket. I.e. we first establish a connection, and then we ask the user to authenticate (such as described in this blog in the section Send access token over WebSocket). The good thing about this authentication is that we can in principle support multiple types of authentication by mimicking Django's AUTHENTICATION_BACKENDS framework.
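
The connect-then-authenticate flow proposed above, as an added example (not the project's code): the socket is accepted unauthenticated, the first message must carry the token, and a list of backends is tried in order in the style of AUTHENTICATION_BACKENDS. The class names, the message shapes, the close code 4401 and the static token table are assumptions made for illustration; a real backend would validate the OAuth token with the authorization server.

```python
import hmac
import json

class StaticTokenBackend:
    """Hypothetical backend; a real one would ask the OAuth server about the token."""
    def __init__(self, tokens):
        self.tokens = tokens  # {token: username}, constructed sample data

    def authenticate(self, token):
        for known, user in self.tokens.items():
            if hmac.compare_digest(known.encode(), token.encode()):  # constant time
                return user
        return None

class RejectAllBackend:
    """Hypothetical backend that knows no tokens; shows the fall-through."""
    def authenticate(self, token):
        return None

class Connection:
    """One websocket: accepted unauthenticated, first message must carry the token."""
    def __init__(self, backends):
        self.backends = backends  # tried in order, like AUTHENTICATION_BACKENDS
        self.user = None
        self.closed = False

    def receive(self, raw):
        if self.closed:
            return {"type": "error", "reason": "closed"}
        try:
            msg = json.loads(raw)
        except (ValueError, TypeError):
            msg = None
        if not isinstance(msg, dict):
            return self._close("malformed message")
        if self.user is not None:
            return {"type": "ack", "user": self.user}  # normal traffic after auth
        token = msg.get("token")
        if msg.get("type") != "auth" or not isinstance(token, str):
            return self._close("authentication required")
        for backend in self.backends:
            self.user = backend.authenticate(token)
            if self.user is not None:
                return {"type": "auth_ok", "user": self.user}
        return self._close("invalid token")

    def _close(self, reason):
        self.closed = True  # fail closed: nothing is processed after a failed auth
        return {"type": "close", "code": 4401, "reason": reason}  # 4401: assumed app code
```

Because the socket is open before the user is known, any message other than a valid `auth` message closes it, and a closed connection accepts no further attempts.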