Skip to main content

api_revoke_sessions

Function api_revoke_sessions 

Source
pub fn api_revoke_sessions(
    actor: Actor,
    owner: String,
    pool: &State<DbPool>,
) -> Result<Json<RevokeAckDto>, Status>
Expand description

Revokes all of an identity’s sessions (agent twin of the screen’s revoke). Token-gated (the Actor guard) and audited — for automated security response (kick out a compromised account everywhere). Referenced by the non-secret owner name, never a session id. Idempotent: an identity with no sessions revokes 0. Sessions are ephemeral auth state, not historical record, so this mutation is exposed to agents (unlike the immutable history tables).