Provide an API endpoint to allow PATs to be revoked by value

Currently we allow PATs to be only revoked via the API when you happen to know the ID of the PAT. If an account has multiple PATs it might not always be clear which PAT is the one which needs to be revoked with the current API output.

In order to quickly revoke PATs in case of a leak it would be a great addition to have an endpoint like DELETE api/v4/personal_access_tokens/self which would revoke the PAT used in the request.