RequestTokens are stored in the table
This will set the
authorized_by to the current user.
It will also refresh the valid_until to be active for another hour.
This neatly encapsulates the "is this request token perfect?" check.
This will return a (boolean, message) pair, with boolean indicating success (true means the token is good) and message indicating error (or another affirmation of success).
Only root may have access to this model.