No longer hash auth tokens + store the token scopes

This partially reverts commit c57aefd48b.
The code to check against hashed tokens remains, because existing tokens
should still work.

The unhashed tokens are necessary for fetching badges from Blender ID.

tests/test_api/test_local_auth.py

@@ -38,8 +38,6 @@ class LocalAuthTest(AbstractPillarTest):
         self.assertEqual(200, resp.status_code, resp.data)
 
     def test_login_expired_token(self):
-        from pillar.api.utils.authentication import hash_auth_token
-
         user_id = self.create_test_user()
 
         resp = self.client.post('/api/auth/make-token',
@@ -54,7 +52,7 @@ class LocalAuthTest(AbstractPillarTest):
             tokens = self.app.data.driver.db['tokens']
 
             exp = datetime.datetime.now(tz=tz_util.utc) - datetime.timedelta(1)
-            result = tokens.update_one({'token_hashed': hash_auth_token(token)},
+            result = tokens.update_one({'token': token},
                                        {'$set': {'expire_time': exp}})
             self.assertEqual(1, result.modified_count)