Datasette-auth-tokens

Improvements to the create token page for managed token mode. [21](https://github.com/simonw/datasette-auth-tokens/issues/21)

- Don't show `permissions-debug` and `debug-menu`, since they don't make sense for API tokens to use.
- Include short descriptions of each permission.

- Token permissions are now displayed in a more human-readable way. [9](https://github.com/simonw/datasette-auth-tokens/issues/9)
- New `/-/api/tokens` interface for viewing and revoking managed tokens. [15](https://github.com/simonw/datasette-auth-tokens/issues/15)
- Only the creator of a token or a user with the new `auth-tokens-revoke-any` permission can revoke a token. [16](https://github.com/simonw/datasette-auth-tokens/issues/16)
- Tokens now record when they expired or were revoked in the new `ended_timestamp` column. [17](https://github.com/simonw/datasette-auth-tokens/issues/17)
- Now defaults to storing tokens in the new [internal database](https://docs.datasette.io/en/1.0a5/internals.html#datasette-s-internal-database) from Datasette 1.0a5. [18](https://github.com/simonw/datasette-auth-tokens/issues/18)

- Fix bug where an invalid signature on an incoming `dstok_` token caused a 500 error. [14](https://github.com/simonw/datasette-auth-tokens/issues/14)

- Multiple database support for managed tokens mode: use the new `manage_tokens_database` setting to specify which database should hold the authentication tokens. [11](https://github.com/simonw/datasette-auth-tokens/issues/11)
- Cosmetic improvements to the display of the token creation page. [12](https://github.com/simonw/datasette-auth-tokens/issues/12), [#13](https://github.com/simonw/datasette-auth-tokens/issues/13)

- Alpha release, with first preview of the new manage tokens mode. This provides a table for database-backed API tokens and an interface for creating and revoking them. [7](https://github.com/simonw/datasette-auth-tokens/issues/7)

- New `param` plugin configuration option for specifying a query string parameter that can be used instead of the `Authorization: Bearer` header - thanks, Jannis Leidel. ([5](https://github.com/simonw/datasette-auth-tokens/pull/5))