Add slack in the other direction as well

What does this MR do (summary)?

Fix api key login

What changes have you made (detailed)?

Allow also EXPIRY_TIME seconds of slack in the other direction; now a server with time 1 second off is already breaking login.

Does this MR meet the acceptance criteria?

• The main application was run to make sure the server still runs without errors.
• Tests were written to verify the behaviour of this code.
• Javadoc and other comments were added to make the code understandable.
• The code adheres to the style guidelines.