Implement @DouweM's feedback.

- Extract a duplicated `redirect_to`
- Fix a typo: "token", not "certificate"
- Have the "Expires at" datepicker be attached to a text field, not inline
- Have both private tokens and personal access tokens verified in a
  single "authenticate_from_private_token" method, both in the
  application and API. Move relevant logic to
  `User#find_by_personal_access_token`
- Remove unnecessary constants relating to API auth. We don't need a
  separate constant for personal access tokens since the param is the
  same as for private tokens.

1 files changed, 4 insertions, 2 deletions

diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb
index 86e08fed8e2..508b82a9a6c 100644
--- a/app/controllers/profiles/personal_access_tokens_controller.rb
+++ b/app/controllers/profiles/personal_access_tokens_controller.rb
@@ -21,10 +21,12 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
     @personal_access_token = current_user.personal_access_tokens.find(params[:id])
 
     if @personal_access_token.revoke!
-      redirect_to profile_personal_access_tokens_path, notice: "Revoked personal access token #{@personal_access_token.name}!"
+      flash[:notice] = "Revoked personal access token #{@personal_access_token.name}!"
     else
-      redirect_to profile_personal_access_tokens_path, alert: "Could not revoke personal access token #{@personal_access_token.name}."
+      flash[:alert] = "Could not revoke personal access token #{@personal_access_token.name}."
     end
+
+    redirect_to profile_personal_access_tokens_path
   end
 
   private