allow users to specify non-globalforestwatch domains in api key

[solomon-negusse]

Pull request checklist

Please check if your PR fulfills the following requirements:

• Make sure you are requesting to pull a topic/feature/bugfix branch (right side). Don't request your master!
• Make sure you are making a pull request against the develop branch (left side). Also you should start your branch off our develop.
• Check the commit's or even all commits' message styles matches our requested structure.
• Check your code additions will fail neither code linting checks nor unit test.

Pull request type

Please check the type of change your PR introduces:

• Bugfix
• Feature
• Code style update (formatting, renaming)
• Refactoring (no functional changes, no api changes)
• Build related changes
• Documentation content changes
• Other (please describe):

What is the current behavior?

Creating api key from non-globalforestwatch origins fails now if the user passes domains list that doesn't include globalforestwatch.

What is the new behavior?

• Users can create api key for non-GFW domains

Does this introduce a breaking change?

• Yes
• No

Other information

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 25.00000% with 3 lines in your changes are missing coverage. Please review.

Project coverage is 81.85%. Comparing base (a10fa4b) to head (3f1dddb).

Files	Patch %	Lines
app/authentication/api_keys.py	33.33%	2 Missing ⚠️
app/routes/authentication/authentication.py	0.00%	1 Missing ⚠️

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop     #532      +/-   ##
===========================================
+ Coverage    81.71%   81.85%   +0.13%     
===========================================
  Files          125      125              
  Lines         5618     5609       -9     
===========================================
  Hits          4591     4591              
+ Misses        1027     1018       -9     

Flag	Coverage Δ
unittests	81.85% <25.00%> (+0.13%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[solomon-negusse]

This prevents users from creating api keys from anywhere but the domain they plan to use the api key for (for example, one wouldn't be able to use postman to create an api key for mapbuilder (listed in the domains request body)) because the origin or referer wouldn't point to that and this check will fail.
This check gets applied correctly checking requests coming in with an api key (https://github.com/wri/gfw-data-api/blob/master/app/authentication/api_keys.py#L53)