AshAuthentication.AddOn.LogOutEverywhere (ash_authentication v4.13.0)
View SourceLog out everywhere support.
Sometimes it's necessary to be able to invalidate all of a user's sessions with a single action. This add-on provides this functionality.
In order to use this feature the following features must be enabled:
- Tokens must be enabled.
- The
authentication.tokens.store_all_tokens?option is enabled. - The
authentication.tokens.require_token_presence_for_authentication?option is enabled. - For the
apply_on_password_change?option, at least one password strategy must be enabled.
Example
defmodule MyApp.Accounts.User do
use Ash.Resource,
extensions: [AshAuthentication],
domain: MyApp.Accounts
authentication do
tokens do
enabled? true
store_all_tokens? true
require_token_presence_for_authentication? true
end
add_ons do
log_out_everywhere do
apply_on_password_change? true
end
endActions
By default the add-on will add a log_out_everywhere action which reverts all
the existing non-expired tokens for the user in question.
Example
iex> strategy = Info.strategy!(Example.User, :log_out_everywhere)
...> {:ok, user} = Strategy.action(strategy, :log_out_everywhere, %{"user_id" => user_id()})
...> user.id == user_id()
trueSummary
Functions
Callback implementation for AshAuthentication.Strategy.Custom.transform/2.
Callback implementation for AshAuthentication.Strategy.Custom.verify/2.
Types
@type t() :: %AshAuthentication.AddOn.LogOutEverywhere{ __spark_metadata__: Spark.Dsl.Entity.spark_meta(), action_name: atom(), apply_on_password_change?: boolean(), argument_name: nil, exclude_purposes: term(), include_purposes: term(), name: :log_out_everywhere, provider: :log_out_everywhere, resource: module() }
Functions
Callback implementation for AshAuthentication.Strategy.Custom.transform/2.
Callback implementation for AshAuthentication.Strategy.Custom.verify/2.