Avoid showing the whole token in the string representation.
These values are somewhat sensitive, so we should avoid showing them in places the barred token is shown as a string. (For example, when deleting a user via django-admin, the string representation is shown for the cascading deletion.)
The token value is also a little funny, as I made it nullable in a previous change (see PR #84).
All tokens will have an expiration, so it seems like a reasonable fact that will generally vary between tokens.
It's tempting to use the token_id, but since that is only conditionally present; I'm punting on it until we perhaps make token ids mandatory.
Avoid showing the whole token in the string representation.
These values are somewhat sensitive, so we should avoid showing them in places the barred token is shown as a string. (For example, when deleting a user via django-admin, the string representation is shown for the cascading deletion.)
The token value is also a little funny, as I made it nullable in a previous change (see PR #84).
All tokens will have an expiration, so it seems like a reasonable fact that will generally vary between tokens.
It's tempting to use the token_id, but since that is only conditionally present; I'm punting on it until we perhaps make token ids mandatory.