Add ability to delete a token

Fix #4234

routers/api/v1/api.go

@@ -302,6 +302,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 				m.Group("/tokens", func() {
 					m.Combo("").Get(user.ListAccessTokens).
 						Post(bind(api.CreateAccessTokenOption{}), user.CreateAccessToken)
+					m.Combo("/:id").Delete(user.DeleteAccessToken)
 				}, reqBasicAuth())
 			})
 		})

routers/api/v1/user/app.go

@@ -1,4 +1,5 @@
 // Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2018 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
@@ -74,3 +75,39 @@ func CreateAccessToken(ctx *context.APIContext, form api.CreateAccessTokenOption
 		Sha1: t.Sha1,
 	})
 }
+
+// DeleteAccessToken delete access tokens
+func DeleteAccessToken(ctx *context.APIContext) {
+	// swagger:operation DELETE /users/{username}/tokens/{token} user userCreateToken
+	// ---
+	// summary: Create an access token
+	// consumes:
+	// - application/json
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: username
+	//   in: path
+	//   description: username of user
+	//   type: string
+	//   required: true
+	// - name: token
+	//   in: path
+	//   description: token to be deleted
+	//   type: string
+	//   required: true
+	// responses:
+	//   "204":
+	//     "$ref": "#/responses/empty"
+	tokenID := ctx.ParamsInt64(":id")
+	if err := models.DeleteAccessTokenByID(tokenID, ctx.User.ID); err != nil {
+		if models.IsErrAccessTokenNotExist(err) {
+			ctx.Status(404)
+		} else {
+			ctx.Error(500, "DeleteAccessTokenByID", err)
+		}
+		return
+	}
+
+	ctx.Status(204)
+}