* Update ApiToken model
- Add metadata
- Remove unique_together requirement
- Add last_seen field
* Update admin page for token
* Store metadata against token on creation
* Track last-seen date
* Allow match against existing valid token
- If token is expired or revoked, create a new one
- Prevents duplication of tokens
* Update unit tests
* Create new APIToken model
- Has custom 'name' field
- Has custom expiry date
* Add data migration to port across any existing user tokens
* Adds 'revoked' field - tokens can be manually revoked
* Update API token - allow multiple tokens per user
* Custom token auth handler
- Correctly handles revoked tokens
- Correctly handles expired tokens
* Update AuthRequiredMiddleware
- Check for token active status
* Token API endpoint improvements
- Can return tokens with custom names
- Return more information on the token too
* Consolidate migrations
* When requesting a token, overwrite inactive token for authenticated user
- An authenticated user must receive a token
- Unauthenticated users cannot do this
* Fix
* Use token name for frontend
* Force token expiry, and generate default expiry date
* Force generation of a new token when requested
* Reduce data exposed on token API endpoint
* Display redacted token in admin site
* Log when new token is created for user
* Add default value for token
- Allows raw token to be viewed in the admin interface when created
- After created, no longer visible
- Also provides ability to generate token with static prefix
* Fixes for admin interface
- Prevent user and expiry from being edited after creation
* Implement unit tests for token functionality
* Fix content exclude for import/export
* Fix typo
* Further tweaks
- Prevent editing of "name" field after creation
- Add isoformat date suffix to token
* Longer token requires longer database field!
* Fix other API tokens
* Remove 'delete' method from token API endpoint
* Bump API version