Adding signed tokens to generated URLs
Now, by default, URLs generated with Croppa::url() will have a ?token=xxxxxxxx parameter added to them. The token is generated by hashing the parameters of your request (src image, dimensions, etc.) combined with your Laravel app's encryption key. For example, a new Croppa 4.1 URL might look like:
http://domain.com/uploads/01/08/file-200x100.jpg?token=c21ed23af0228053c10b283a93b30d8c
This prevents Croppa parameters from being modified after URL generation, which could otherwise let malicious users consume CPU and storage by generating unnecessary crops. As such, it more effectively accomplishes what the max_crops config was designed for; max_crops is now disabled by default.
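A sketch of the signing scheme described above, added here as an example and not taken from Croppa's source. It assumes HMAC-SHA256 over the URL path (the page does not state Croppa's exact hash construction), and the key and both function names are hypothetical.

```php
<?php
// Added illustration, not Croppa's source. The key is a constructed stand-in
// for the Laravel app key; both function names are hypothetical.
const SIGNING_KEY = 'constructed-demo-key-not-a-real-secret';

// Sign the path, which encodes the crop parameters (src image, dimensions).
function sign_crop_url(string $path, string $key = SIGNING_KEY): string
{
    return $path . '?token=' . hash_hmac('sha256', $path, $key);
}

// Accept a request only if its token matches the path actually requested.
function verify_crop_request(string $url, string $key = SIGNING_KEY): bool
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['path'], $parts['query'])) {
        return false; // malformed or unsigned request
    }
    parse_str($parts['query'], $query);
    if (!isset($query['token']) || !is_string($query['token'])) {
        return false; // token missing, or sent as an array (token[]=...)
    }
    $expected = hash_hmac('sha256', $parts['path'], $key);
    // hash_equals() compares in constant time, so the check does not leak
    // how many leading characters of a guessed token were correct.
    return hash_equals($expected, $query['token']);
}

// Constructed sample requests: as generated, with edited dimensions, unsigned.
$signed = sign_crop_url('/uploads/01/08/file-200x100.jpg');
$requests = [
    'as generated'      => $signed,
    'dimensions edited' => str_replace('200x100', '4000x4000', $signed),
    'token stripped'    => '/uploads/01/08/file-200x100.jpg',
];
foreach ($requests as $label => $url) {
    printf("%-18s %s\n", $label, verify_crop_request($url) ? 'serve crop' : 'reject');
}
```

Verification runs before any image work, so a rejected request costs one HMAC rather than a crop.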
If you are generating URLs outside of Croppa::url(), like the croppa.js module, you can disable this feature by setting the signing_key config to false.
Thanks to Glide for the inspiration for this feature.