Authorization token for write API
Initial draft of write authorization
Needs more tests and work around deployment / revocation, but
contains the general idea.
Add missing thing
Running the tests was giving me warnings about this not being
Add headers when using HTTPTestClient
So headers such as the bearer token are passed onto the apis.
Add reptiles bucket to test bearer tokens
Move tokens out into their own config files
This better reflects how they are deployed. Tokens change per
organisation but general configuration does not.
Are there any changes required to deployment configuration for other environments?
Yes, good point, linked below. Basically, we have a shared configuration and then organisation specific tokens.