Add ability to delete a token (#4235)

Fix #4234

routers/api/v1/user/app.go

@@ -1,4 +1,5 @@
 // Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2018 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 
@@ -36,6 +37,7 @@ func ListAccessTokens(ctx *context.APIContext) {
 	apiTokens := make([]*api.AccessToken, len(tokens))
 	for i := range tokens {
 		apiTokens[i] = &api.AccessToken{
+			ID:   tokens[i].ID,
 			Name: tokens[i].Name,
 			Sha1: tokens[i].Sha1,
 		}
@@ -72,5 +74,40 @@ func CreateAccessToken(ctx *context.APIContext, form api.CreateAccessTokenOption
 	ctx.JSON(201, &api.AccessToken{
 		Name: t.Name,
 		Sha1: t.Sha1,
+		ID:   t.ID,
 	})
 }
+
+// DeleteAccessToken delete access tokens
+func DeleteAccessToken(ctx *context.APIContext) {
+	// swagger:operation DELETE /users/{username}/tokens/{token} user userDeleteAccessToken
+	// ---
+	// summary: delete an access token
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: username
+	//   in: path
+	//   description: username of user
+	//   type: string
+	//   required: true
+	// - name: token
+	//   in: path
+	//   description: token to be deleted
+	//   type: integer
+	//   required: true
+	// responses:
+	//   "204":
+	//     "$ref": "#/responses/empty"
+	tokenID := ctx.ParamsInt64(":id")
+	if err := models.DeleteAccessTokenByID(tokenID, ctx.User.ID); err != nil {
+		if models.IsErrAccessTokenNotExist(err) {
+			ctx.Status(404)
+		} else {
+			ctx.Error(500, "DeleteAccessTokenByID", err)
+		}
+		return
+	}
+
+	ctx.Status(204)
+}