- Extract a duplicated `redirect_to`
- Fix a typo: "token", not "certificate"
- Have the "Expires at" datepicker be attached to a text field, not inline
- Have both private tokens and personal access tokens verified in a
single "authenticate_from_private_token" method, both in the
application and API. Move relevant logic to
`User#find_by_personal_access_token`
- Remove unnecessary constants relating to API auth. We don't need a
separate constant for personal access tokens since the param is the
same as for private tokens.
- No hardcoded colors in any SCSS file except `variables.scss`
- Don't allow choosing a date in the past
- Use the same table as in the "Applications" tab
- The button should say "Create Personal Access Token"
- Float the revoke button to the right of the table cell
- Change the revocation message to be more explicit.
- Date shouldn't look selected on page load
- Don't use a panel for the created token
- Use a normal flash for "Your new personal access token has been created"
- Show the input (with the token) below it full width.
- Put the "Make sure you save it - you won't be able to access it again." message near the input
- Have the created token's input highlight all on single click
- Use the `:personal_access_token` param root instead of
`personal_access_token_params`, because we aren't using the
`personal_access_token` param for authentication anymore (we're using
`private_token` instead).
- Use `build` to instantiate a `PersonalAccessToken`
- Use better-formatted dates
Timothy Andrew