Previously if we use the in-memory backend, it will return a raw binary token for refresh token. This fixes the case.
Whenever it makes the code easier to follow, use early return to avoid else statements.
This enables us to control the length of the bytes that will be bcrypted, by default it's 64. Also changed the token's stored form from string('text') to []byte('bytea') and added some test cases for different types of invalid tokens.
