Return `401` instead of `403` when the JWT access token is invalid or expired

[VKTB]

401 instead of 403 should be returned when the JWT access token is invalid or expired. 403 is used when the client has valid authentication credentials but it does not have the necessary permissions. Any applications consuming the API whose logic depends on this status code will need to be updated.

https://github.com/search?q=repo%3Aral-facilities%2Finventory-management-system-api%20%22403%22&type=code

[VKTB]

FastAPI returns 403 if the authorisation header is missing. There is an issue/discussion opened in the FastAPI repo to change it to 401.

[VKTB]

I think it is better to wait for FastAPI to change this. We will know that they have done this as some of the tests will fail.