Make temporary token storage/schema more flexible

Summary:
Ref T10603. This makes minor updates to temporary tokens:

• Rename objectPHID (which is sometimes used to store some other kind of identifier instead of a PHID) to tokenResource (i.e., which resource does this token permit access to?).
• Add a userPHID column. For LFS tokens and some other types of tokens, I want to bind the token to both a resource (like a repository) and a user.
• Add a properties column. This makes tokens more flexible and supports custom behavior (like scoping LFS tokens even more tightly).

Test Plan:

• Ran bin/storage upgrade -f, got a clean upgrade.
• Viewed one-time tokens.
• Revoked one token.
• Revoked all tokens.
• Performed a one-time login.
• Performed a password reset.
• Added an MFA token.
• Removed an MFA token.
• Used a file token to view a file.
• Verified file token was removed after viewing file.
• Linked my account to an OAuth1 account (Twitter).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10603

Differential Revision: https://secure.phabricator.com/D15478