Store access tokens as a post type

[spacedmonkey]

Currently user access tokens are stored as an option. This has a number of down sides, includes

• Extremely hard to query, with for all or by user
• Options table is not designed to scale to millions of rows.
• Access tokens are not directly linked to users and are not deleted when user accounts for removed.

Making the access token a post type, fixes all these issues.

[kosso]

Don't forget to handle the expiry of the token.

(Does this plugin handle that yet? Last time I looked, the database was getting clogged up with loads of them)

I also agree that options are not a good place to store these.

But wouldn't a user meta field be a better fit than a post type?

[spacedmonkey]

@kosso I have answered the question of using user meta in the PR, if you want to take a look over the for an answer.

As for expiring tokens, I am not sure that this is handled yet, or not at least I can see. If the token was a post, then we could use the post created date and sheduled event to clean out expired tokens.

The nice thing about storing is as post, is that once a user is deleted, the token does with it. So that should mean less useless token in the database.