
Admin Token API does not work with historic custom prefixes

Summary

Token identification does not currently handle custom token prefixes properly: it works for either the default glpat prefix or the current custom prefix, but not for historic prefixes. For this reason, I'd suggest implementing a history of the custom prefix.

Steps to reproduce

  1. Create a custom prefix under Admin area > General > Personal access token prefix, e.g. custom-prefix
  2. Generate a personal access token with the new prefix; the result will be e.g. custom-prefix-123
  3. Change the custom prefix, e.g. to new-custom-prefix
  4. Use the Admin Token API or the Token Revocation API scoped to Groups with the old token.

The token will not be found, because the prefix has been changed and matching is done against the new prefix, which is not present in the old token.

What is the current bug behavior?

The token is not found.

What is the expected correct behavior?

The token is found.

Possible fixes

This is the line that matches the token prefix.

To fix this, we would need to store a history of custom prefixes. That way we could match not only against the most recent value of the prefix but also against historic values.
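The steps above and the proposed fix, as an added Ruby example that is not GitLab's own code: a constructed settings object that either keeps only the current prefix or every prefix ever configured, a constructed digest-keyed token store standing in for the database, and two lookup functions, one with today's prefix check and one that also accepts historic prefixes. It assumes the prefix is prepended verbatim to the token's random part and that the instance would persist the history when the setting changes; the names PrefixSettings, TokenStore, identify_current, identify_with_history and reproduce are hypothetical.

```ruby
require 'digest'

# Default personal access token prefix.
DEFAULT_PREFIX = 'glpat-'

# Constructed stand-in for the instance-wide prefix setting. The fix assumes
# the instance records every value the setting has ever had (prefix_history).
class PrefixSettings
  attr_reader :current_prefix, :prefix_history

  def initialize(prefix)
    @current_prefix = prefix
    @prefix_history = [prefix]
  end

  # Changing the setting keeps the old value in the history.
  def update_prefix(new_prefix)
    @current_prefix = new_prefix
    @prefix_history << new_prefix unless @prefix_history.include?(new_prefix)
  end
end

# Constructed token store keyed by SHA-256 digest of the plaintext token.
class TokenStore
  def initialize
    @by_digest = {}
  end

  def create(plaintext, name:)
    record = { name: name, digest: digest(plaintext), revoked: false }
    @by_digest[record[:digest]] = record
  end

  def find_by_plaintext(plaintext)
    @by_digest[digest(plaintext)]
  end

  private

  def digest(plaintext)
    Digest::SHA256.hexdigest(plaintext)
  end
end

# Current behaviour: the token is only recognised if it starts with the
# default prefix or the prefix configured right now.
def identify_current(plaintext, settings, store)
  prefixes = [DEFAULT_PREFIX, settings.current_prefix].compact.uniq
  return nil unless prefixes.any? { |p| plaintext.start_with?(p) }

  store.find_by_plaintext(plaintext)
end

# Proposed fix: accept any prefix that has ever been configured. The digest
# lookup is unchanged, so a token is still only found if it really exists.
def identify_with_history(plaintext, settings, store)
  prefixes = ([DEFAULT_PREFIX] + settings.prefix_history).compact.uniq
  return nil unless prefixes.any? { |p| plaintext.start_with?(p) }

  store.find_by_plaintext(plaintext)
end

# Walks the reproduction steps: create a token under one custom prefix,
# change the prefix, then try to identify the old token both ways.
def reproduce
  settings = PrefixSettings.new('custom-prefix-')
  store = TokenStore.new
  # Constructed token: custom prefix plus a fixed 20-character random part.
  old_token = settings.current_prefix + 'a1b2c3d4e5f6g7h8i9j0'
  store.create(old_token, name: 'old-token')

  settings.update_prefix('new-custom-prefix-')

  {
    current: identify_current(old_token, settings, store),
    with_history: identify_with_history(old_token, settings, store)
  }
end

if __FILE__ == $PROGRAM_NAME
  result = reproduce
  puts "current lookup:      #{result[:current].inspect}"
  puts "with prefix history: #{result[:with_history].inspect}"
end
```

The history-based check only widens which strings are passed on to the digest lookup; it does not weaken authentication, since an unknown token still misses in the store. Two things to keep in mind when storing the history: resetting the setting back to the default should also be recorded (so `compact` is needed if a nil value can be stored), and prefixes should be compared with `start_with?` against the full plaintext rather than by splitting on a separator, because a custom prefix may itself contain hyphens.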