This change is the first in a series of changes for improving our API Tokens

(which we'll refer to as API Tokens v2). Currently, Review Board uses a SHA1

token format, which has the following disadvantages:

- Tokens aren't able to be validated or identified from other SHA1 tokens.

- Can't use secret scanning to detect leaked tokens.

- They aren't as secure as some modern counterparts.
In response, we are moving towards a new token format that contains a

vendor/category prefix and can be validated through a checksum. Additionally,

we want to be able to support token expiration and invalidation, which we

currently don't do. Since we are moving away from an old token format, we also

need support for token deprecation.
In this change we modify the API tokens model to allow the possibility for

new token types, expiration, and invalidation. The following changes are made

to the WebAPIToken model:

- Adding expires field

- Adding valid, invalid_date and invalid_reason fields

- Adding token_generator_id field

- Adding last_used field

- Updating max length of token to 255 characters.

Successfully upgraded the database and successfully created a new database.