# `AshAuthentication.AddOn.LogOutEverywhere`
[🔗](https://github.com/team-alembic/ash_authentication/blob/main/lib/ash_authentication/add_ons/log_out_everywhere.ex#L5)

Log out everywhere support.

Sometimes it's necessary to be able to invalidate all of a user's sessions
with a single action. This add-on provides this functionality.

In order to use this feature the following features must be enabled:

1. Tokens must be enabled.
2. The `authentication.tokens.store_all_tokens?` option is enabled.
3. The `authentication.tokens.require_token_presence_for_authentication?`
   option is enabled.
4. For the `apply_on_password_change?` option, at least one password strategy
   must be enabled.

## Example

```elixir
defmodule MyApp.Accounts.User do
  use Ash.Resource,
    extensions: [AshAuthentication],
    domain: MyApp.Accounts

  authentication do
    tokens do
      enabled? true
      store_all_tokens? true
      require_token_presence_for_authentication? true
    end

    add_ons do
      log_out_everywhere do
        apply_on_password_change? true
      end
    end
```

## Actions

By default the add-on will add a `log_out_everywhere` action which reverts all
the existing non-expired tokens for the user in question.

### Example

    iex> strategy = Info.strategy!(Example.User, :log_out_everywhere)
    ...> {:ok, user} = Strategy.action(strategy, :log_out_everywhere, %{"user_id" => user_id()})
    ...> user.id == user_id()
    true

# `t`

```elixir
@type t() :: %AshAuthentication.AddOn.LogOutEverywhere{
  __spark_metadata__: Spark.Dsl.Entity.spark_meta(),
  action_name: atom(),
  apply_on_password_change?: boolean(),
  argument_name: nil,
  exclude_purposes: term(),
  include_purposes: term(),
  name: :log_out_everywhere,
  provider: :log_out_everywhere,
  resource: module()
}
```

# `transform`

# `verify`

---

*Consult [api-reference.md](api-reference.md) for complete listing*