Draft: Add personal access tokens
This MR adds the option of users creating personal access tokens to access the API. I think these could be useful for running CI jobs, especially if we can issue them to dynamically issue them repositories using a webhook.
Leaving this as a draft for now while the idea gets fleshed out.