We would sometimes return nil cast to an interface with no error,
which would cause the server to crash with a null dereference.

It now takes a template that allows setting all options.

We used to send a null version field in every message.  Don't.

Rather than trying to determine whether the workaround is needed,
we now perform it unconditionally, and ignore the resulting exception
on non-broken browsers.

This is no longer needed since version 110.

We used to hard-wire the rid identifiers.  We now assume that
the simulcast streams are ordered in decreasing order of quality.

We now remove a token a week after it has expired.

If a token does not specify a username, the server will request
one by failing the join message.  Disconnect from the WebSocket
in that case, and display the login dialog with the password
field invisible.

We now report ErrUsernameRequired and ErrDuplicateUsername
errors by setting the "error" field of messages.

Stateful tokens look just like cryptographic tokens to the client.
Unlike cryptographic tokens, they are stored in a file and are
revokable and editable.

The "time" field of messages is now a string in RFC 3339 format,
and there is a new "error" field in messages.

Tokens are now an interface, and all the token logic is encapsulated
in the token module.

We used to set sc.group even if joining failed, which would cause
us to spuriously call the onJoined callback when we disconnected.

Avoid copying data when sending, improve error handling.