AshAuthentication.AddOn.LogOutEverywhere (ash_authentication v4.6.3)
View SourceLog out everywhere support.
Sometimes it's necessary to be able to invalidate all of a user's sessions with a single action. This add-on provides this functionality.
In order to use this feature the following features must be enabled:
- Tokens must be enabled.
- The
authentication.tokens.store_all_tokens?
option is enabled. - The
authentication.tokens.require_token_presence_for_authentication?
option is enabled. - For the
apply_on_password_change?
option, at least one password strategy must be enabled.
Example
defmodule MyApp.Accounts.User do
use Ash.Resource,
extensions: [AshAuthentication],
domain: MyApp.Accounts
authentication do
tokens do
enabled? true
store_all_tokens? true
require_token_presence_for_authentication? true
end
add_ons do
log_out_everywhere do
apply_on_password_change? true
end
end
Actions
By default the add-on will add a log_out_everywhere
action which reverts all
the existing non-expired tokens for the user in question.
Example
iex> strategy = Info.strategy!(Example.User, :log_out_everywhere)
...> {:ok, user} = Strategy.action(strategy, :log_out_everywhere, %{"user_id" => user_id()})
...> user.id == user_id()
true
Summary
Functions
Callback implementation for AshAuthentication.Strategy.Custom.transform/2
.
Callback implementation for AshAuthentication.Strategy.Custom.verify/2
.
Types
Functions
Callback implementation for AshAuthentication.Strategy.Custom.transform/2
.
Callback implementation for AshAuthentication.Strategy.Custom.verify/2
.