Fix `app/authenticator/jwt-token.js`'s `invalidate` to cleanly destroy session server-side

[nadnoslen]

We're doing this right now -- but it's fugly and could potentially fail.

The problem is ember-simple-auth and ember-simple-auth-token use invalidate() in wild ways.

Consider this:

1. look into all ways ember-simple-auth-token is invoking invalidate()
2. in cases where invalidate is simply clearing because of access token refresh attempt, maybe just hard code that.

Be aware of #3!!!