security: Guard against accessing other user tokens

Authored by ctrochalakis on Mar 5 2017, 12:50 PM.

Description

security: Guard against accessing other user tokens

This should be an admin-only action.

Mitigation:

Existing tokens need to be revoked.

The following command under WebDNS root outputs the set of users that
have enabled API tokens:

rails runner "User.where.not(token: '').each { |u| p [u.id, u.email, Rails.application.routes.url_helpers.token_user_path(u)] }"

Details

Committed
ctrochalakis, Mar 6 2017, 1:20 PM
Pushed
ctrochalakis, Mar 6 2017, 1:21 PM
Parents
rWEBDNS768822927c9e: Include author in notifications
Branches
Unknown
Tags
Unknown