Add last used timestamp for personal access tokens

[gtsiolis]

Problem to solve

Following the work in #14280 and the relevant RFC (internal), the personal access tokens currently do not store or surface the last used timestamp which is usually a best practice for access tokens.

See also relevant discussion (internal). Cc @easyCZ

[easyCZ]

When we implement this, we should store the data in a separate table which contains (Token ID, LastUsed) as fields. We would expect this table to be hit hard - on every API request to perform the update.

The update of last used must be non-blocking, and perhaps we should consider only storing the "date" of when it was last used and performing a conditional update on the data, instead of storing the full timestamp. Batching up the updates might also make sense to alleviate db load.

Another approach is to store this entirely in a cache, and update the LastUsed db entries on some interval.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.