tator
Service tokens
Remove the Token endpoint and replace it with a ServiceTokens endpoint. The new endpoint will require normal authentication, and only return the full token once, when the initial POST is made. GET will return the last four characters in the service token and the date created. At most two service tokens can be made per account. The front end should be updated to display service tokens that currently exist and allow for deletion and creation. A new DRF authentication class should be implemented for service tokens. A migration utility should be created to allow for continued use of existing tokens as service tokens, and the same Token prefix should be used in the Authorization header.
We should consider the use case where a user may want to make a read-only service token, potentially scoped to a project.
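A framework-free sketch of the token lifecycle described above, added here as an example and not taken from the Tator code base. The class name `ServiceTokenStore`, the row layout, the 40-hex-character token format and the choice to store only a SHA-256 digest are assumptions; a real DRF authentication class would wrap the `authenticate` logic.

```python
import hashlib
import hmac
import itertools
import secrets
from datetime import datetime, timezone

MAX_TOKENS_PER_ACCOUNT = 2  # limit stated in the issue


def _digest(key):
    # Assumption: only a SHA-256 digest of the token is stored, never the token.
    return hashlib.sha256(key.encode()).hexdigest()


class ServiceTokenStore:
    """In-memory stand-in for a ServiceTokens table (hypothetical schema)."""

    def __init__(self):
        self._rows = []
        self._ids = itertools.count(1)

    def create(self, user):
        """POST: the only call that ever returns the full token."""
        if sum(r["user"] == user for r in self._rows) >= MAX_TOKENS_PER_ACCOUNT:
            raise PermissionError("service token limit reached")
        key = secrets.token_hex(20)
        self._rows.append({"id": next(self._ids), "user": user,
                           "digest": _digest(key), "last_four": key[-4:],
                           "created": datetime.now(timezone.utc)})
        return key

    def list_tokens(self, user):
        """GET: id, last four characters and creation date, nothing more."""
        return [{k: r[k] for k in ("id", "last_four", "created")}
                for r in self._rows if r["user"] == user]

    def delete(self, user, token_id):
        self._rows = [r for r in self._rows
                      if (r["user"], r["id"]) != (user, token_id)]

    def authenticate(self, authorization_header):
        """Resolve an 'Authorization: Token <key>' value to a user, or None."""
        parts = authorization_header.split()
        if len(parts) != 2 or parts[0] != "Token":
            return None
        candidate = _digest(parts[1])
        for r in self._rows:
            if hmac.compare_digest(r["digest"], candidate):
                return r["user"]
        return None
```

Because only the digest is kept, a database leak does not expose usable tokens, and a lost token has to be deleted and reissued.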