mirror of https://github.com/inventree/InvenTree.git synced 2025-06-15 03:25:42 +00:00

Api token updates (#5664)

* Create new APIToken model

- Has custom 'name' field
- Has custom expiry date

* Add data migration to port across any existing user tokens

* Adds 'revoked' field - tokens can be manually revoked

* Update API token - allow multiple tokens per user

* Custom token auth handler

- Correctly handles revoked tokens
- Correctly handles expired tokens

* Update AuthRequiredMiddleware

- Check for token active status

* Token API endpoint improvements

- Can return tokens with custom names
- Return more information on the token too

* Consolidate migrations

* When requesting a token, overwrite inactive token for authenticated user

- An authenticated user must receive a token
- Unauthenticated users cannot do this

* Fix

* Use token name for frontend

* Force token expiry, and generate default expiry date

* Force generation of a new token when requested

* Reduce data exposed on token API endpoint

* Display redacted token in admin site

* Log when new token is created for user

* Add default value for token

- Allows raw token to be viewed in the admin interface when created
- After created, no longer visible
- Also provides ability to generate token with static prefix

* Fixes for admin interface

- Prevent user and expiry from being edited after creation

* Implement unit tests for token functionality

* Fix content exclude for import/export

* Fix typo

* Further tweaks

- Prevent editing of "name" field after creation
- Add isoformat date suffix to token

* Longer token requires longer database field!

* Fix other API tokens

* Remove 'delete' method from token API endpoint

* Bump API version
Oliver
2023-10-20 14:06:06 +11:00
committed by GitHub
parent 25138300ff
commit 23ea746813
13 changed files with 337 additions and 53 deletions


@ -81,12 +81,12 @@ export function NotificationDrawer({
<Stack spacing="xs">
<Divider />
<LoadingOverlay visible={notificationQuery.isFetching} />
{notificationQuery.data?.results?.length == 0 && (
{(notificationQuery.data?.results?.length ?? 0) == 0 && (
<Alert color="green">
<Text size="sm">{t`You have no unread notifications.`}</Text>
</Alert>
)}
{notificationQuery.data?.results.map((notification: any) => (
{notificationQuery.data?.results?.map((notification: any) => (
<Group position="apart">
<Stack spacing="3">
<Text size="sm">{notification.target?.name ?? 'target'}</Text>
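Review bot: With the `?? 0` fallback on the length check, the "You have no unread notifications" alert now also renders whenever `notificationQuery.data` is undefined, which covers the first load and presumably a failed or unauthorized request as well. A fetch that fails (for example because the API token was rejected as expired or revoked) would then look the same as an empty inbox. Consider gating the alert on a successful result, e.g. `{notificationQuery.isSuccess && (notificationQuery.data?.results?.length ?? 0) === 0 && (`, assuming this is a react-query result object. The `<Group>` returned from the `.map()` callback also carries no `key` prop in the lines shown. NotificationDrawer starts and ends outside this hunk.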


@ -21,7 +21,10 @@ export const doClassicLogin = async (username: string, password: string) => {
.get(apiUrl(ApiPaths.user_token), {
auth: { username, password },
baseURL: host.toString(),
timeout: 5000
timeout: 5000,
params: {
name: 'inventree-web-app'
}
})
.then((response) => response.data.token)
.catch((error) => {
@ -114,7 +117,10 @@ export function handleReset(navigate: any, values: { email: string }) {
export function checkLoginState(navigate: any, redirect?: string) {
api
.get(apiUrl(ApiPaths.user_token), {
timeout: 5000
timeout: 5000,
params: {
name: 'inventree-web-app'
}
})
.then((val) => {
if (val.status === 200 && val.data.token) {
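Review bot: The token name `'inventree-web-app'` is now a string literal repeated in both `doClassicLogin` and `checkLoginState`; hoisting it into one shared constant (e.g. `const WEB_APP_TOKEN_NAME = 'inventree-web-app';` used as `params: { name: WEB_APP_TOKEN_NAME }`) keeps the two requests from drifting apart. Because every browser session requests a token under the same fixed name, the server presumably resolves them all to one named token per user. If so, revoking that token would end every web session at once, and logs could not tell devices apart, so a short comment stating that this is intended would help. Both functions continue outside the hunks shown.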