
Fix token prefix change when PAT prefix is nil

Drew Blessing requested to merge cherry-pick-11672934 into 17-11-stable-ee

What does this MR do and why?

In 17.11 we released a feature to prevent old tokens from falling back to password authentication and, in particular, LDAP authentication where the account may become locked. Instances that have set their personal_access_token_prefix to nil or an empty string are facing problems cloning or authenticating sessionless requests. This is because start_with? cannot handle a nil value, and an empty value will cause all strings to match.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

  • This MR is backporting a bug fix, documentation update, or spec fix, previously merged in the default branch.
  • The MR that fixed the bug on the default branch has been deployed to GitLab.com (not applicable for documentation or spec changes).
  • This MR has a severity label assigned (if applicable).
  • Set the milestone of the merge request to match the target backport branch version.
  • This MR has been approved by a maintainer (only one approval is required).
  • Ensure the e2e:test-on-omnibus-ee job has either succeeded or been approved by a Software Engineer in Test.

Note to the merge request author and maintainer

If you have questions about the patch release process, please:

Edited by Drew Blessing
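The two failure modes named in the description (nil raising in start_with?, and an empty prefix matching every string) can be reproduced in plain Ruby. The block below is an added example, not code from this merge request or from GitLab. The method names, the sample credentials, and the choice to treat a blank prefix as "no prefix-based detection" are assumptions made for illustration.

```ruby
# Added illustration; all names here are hypothetical, not GitLab's code.

# Naive check: decide whether a credential looks like a token by prefix alone.
def naive_token_like?(credential, prefix)
  credential.start_with?(prefix)
end

# Guarded check (assumed behaviour): a nil or blank prefix means no prefix is
# configured, so the prefix cannot identify a token and the answer is false.
def guarded_token_like?(credential, prefix)
  normalized = prefix.to_s.strip
  return false if normalized.empty?

  credential.to_s.start_with?(normalized)
end

# Run both checks on one input, recording the exception the naive one raises.
def classify(credential, prefix)
  naive = begin
    naive_token_like?(credential, prefix)
  rescue TypeError
    "TypeError"
  end
  { naive: naive, guarded: guarded_token_like?(credential, prefix) }
end

# Constructed sample inputs: [credential, configured prefix].
CONSTRUCTED_CASES = [
  ["glpat-EXAMPLEEXAMPLE", "glpat-"], # token-shaped value, prefix set
  ["hunter2-password",     "glpat-"], # password, prefix set
  ["hunter2-password",     ""],       # password, empty prefix
  ["hunter2-password",     nil]       # password, nil prefix
].freeze

def report
  CONSTRUCTED_CASES.map do |credential, prefix|
    [prefix.inspect, credential, classify(credential, prefix)]
  end
end

report.each { |row| puts row.inspect } if __FILE__ == $PROGRAM_NAME
```

With an empty prefix the naive check reports every password as token-like, and with nil it raises before any authentication decision is made; the guarded check returns false in both cases.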
