Add some sort of oauth.

data/database.py

@@ -271,9 +271,33 @@ class LogEntry(BaseModel):
   metadata_json = TextField(default='{}')
 
 
-all_models = [User, Repository, Image, AccessToken, Role,
-              RepositoryPermission, Visibility, RepositoryTag,
-              EmailConfirmation, FederatedLogin, LoginService, QueueItem,
-              RepositoryBuild, Team, TeamMember, TeamRole, Webhook,
-              LogEntryKind, LogEntry, PermissionPrototype, ImageStorage,
-              BuildTriggerService, RepositoryBuildTrigger]
+class OAuthApplication(BaseModel):
+  client_id = CharField(index=True, default=random_string_generator(length=20))
+  client_secret = CharField(default=random_string_generator(length=40))
+  redirect_uri = CharField()
+  organization = ForeignKeyField(User)
+
+
+class OAuthAuthorizationCode(BaseModel):
+  application = ForeignKeyField(OAuthApplication)
+  code = CharField(index=True)
+  scope = CharField()
+  data = CharField(default=random_string_generator())
+
+
+class OAuthAccessToken(BaseModel):
+  application = ForeignKeyField(OAuthApplication)
+  authorized_user = ForeignKeyField(User)
+  scope = CharField()
+  access_token = CharField(index=True)
+  token_type = CharField(default='Bearer')
+  expires_at = DateTimeField()
+  refresh_token = CharField(index=True, null=True)
+  data = CharField()  # What the hell is this field for?
+
+
+all_models = [User, Repository, Image, AccessToken, Role, RepositoryPermission, Visibility,
+              RepositoryTag, EmailConfirmation, FederatedLogin, LoginService, QueueItem,
+              RepositoryBuild, Team, TeamMember, TeamRole, Webhook, LogEntryKind, LogEntry,
+              PermissionPrototype, ImageStorage, BuildTriggerService, RepositoryBuildTrigger,
+              OAuthApplication, OAuthAuthorizationCode, OAuthAccessToken]