Update api tokens implementation

Currently tokens are modeled as AccessToken entity and access-tokens db table.

The following changes are required:

• access_tokens table should be dropped and replaced with user_api_tokens table (entity class should be renamed accordingly)
• the user_id column should have an actual relation to the users table
• a deleted boolean flag should be added
• it shouldn't be possible to add a second token with an existing name to given user
• token deletion action should be supported over the REST API (only invalidated token can be deleted - deleted flag should be set to true)
• deleted tokens should not be returned over REST API