destroyAllRefreshTokens static method

Future<void> destroyAllRefreshTokens(
  1. Session session, {
  2. required UuidValue authUserId,
  3. Transaction? transaction,
})

Removes all refresh tokens for the given authUserId.

Active access tokens will continue to work until their expiration time is reached.

Implementation

static Future<void> destroyAllRefreshTokens(
  final Session session, {
  required final UuidValue authUserId,
  final Transaction? transaction,
}) async {
  final auths = await RefreshToken.db.deleteWhere(
    session,
    where: (final row) => row.authUserId.equals(authUserId),
    transaction: transaction,
  );

  if (auths.isEmpty) return;

  await session.messages.authenticationRevoked(
    authUserId.uuid,
    RevokedAuthenticationUser(),
  );
}