Create seperate database table for AccessTokens to hide jwt token and tokenId from user

lib/units/app/index.js

@@ -200,6 +200,29 @@ module.exports = function(options) {
       })
   })
 
+  app.get('/app/api/v1/accessTokens', function(req, res) {
+    dbapi.loadAccessTokens(req.user.email)
+      .then(function(cursor) {
+        return Promise.promisify(cursor.toArray, cursor)()
+          .then(function(list) {
+            var titles = []
+            list.forEach(function(token) {
+              titles.push(token.title)
+            })
+            res.json({
+              success: true
+            , titles: titles
+            })
+          })
+      })
+      .catch(function(err) {
+        log.error('Failed to load tokens: ', err.stack)
+        res.json(500, {
+          success: false
+        })
+      })
+  })
+
   server.listen(options.port)
   log.info('Listening on port %d', options.port)
 }