AshAuthentication.AddOn.LogOutEverywhere (ash_authentication v4.6.3)

View Source

Log out everywhere support.

Sometimes it's necessary to be able to invalidate all of a user's sessions with a single action. This add-on provides this functionality.

In order to use this feature the following features must be enabled:

  1. Tokens must be enabled.
  2. The authentication.tokens.store_all_tokens? option is enabled.
  3. The authentication.tokens.require_token_presence_for_authentication? option is enabled.
  4. For the apply_on_password_change? option, at least one password strategy must be enabled.

Example

defmodule MyApp.Accounts.User do
  use Ash.Resource,
    extensions: [AshAuthentication],
    domain: MyApp.Accounts

  authentication do
    tokens do
      enabled? true
      store_all_tokens? true
      require_token_presence_for_authentication? true
    end

    add_ons do
      log_out_everywhere do
        apply_on_password_change? true
      end
    end

Actions

By default the add-on will add a log_out_everywhere action which reverts all the existing non-expired tokens for the user in question.

Example

iex> strategy = Info.strategy!(Example.User, :log_out_everywhere)
...> {:ok, user} = Strategy.action(strategy, :log_out_everywhere, %{"user_id" => user_id()})
...> user.id == user_id()
true

Summary

Types

t()

@type t() :: %AshAuthentication.AddOn.LogOutEverywhere{
  action_name: atom(),
  apply_on_password_change?: boolean(),
  argument_name: nil,
  exclude_purposes: term(),
  include_purposes: term(),
  name: :log_out_everywhere,
  provider: :log_out_everywhere,
  resource: module(),
  strategy_module: module()
}

Functions

transform(entity, dsl)

Callback implementation for AshAuthentication.Strategy.Custom.transform/2.

verify(strategy, dsl)

Callback implementation for AshAuthentication.Strategy.Custom.verify/2.