<!--
This file was generated by Spark. Do not edit it by hand.
-->
# AshAuthentication.AddOn.LogOutEverywhere

Log out everywhere support.

Sometimes it's necessary to be able to invalidate all of a user's sessions
with a single action. This add-on provides this functionality.

In order to use this feature the following features must be enabled:

1. Tokens must be enabled.
2. The `authentication.tokens.store_all_tokens?` option is enabled.
3. The `authentication.tokens.require_token_presence_for_authentication?`
   option is enabled.
4. For the `apply_on_password_change?` option, at least one password strategy
   must be enabled.

## Example

```elixir
defmodule MyApp.Accounts.User do
  use Ash.Resource,
    extensions: [AshAuthentication],
    domain: MyApp.Accounts

  authentication do
    tokens do
      enabled? true
      store_all_tokens? true
      require_token_presence_for_authentication? true
    end

    add_ons do
      log_out_everywhere do
        apply_on_password_change? true
      end
    end
```

## Actions

By default the add-on will add a `log_out_everywhere` action which reverts all
the existing non-expired tokens for the user in question.

### Example

    iex> strategy = Info.strategy!(Example.User, :log_out_everywhere)
    ...> {:ok, user} = Strategy.action(strategy, :log_out_everywhere, %{"user_id" => user_id()})
    ...> user.id == user_id()
    true


### authentication.add_ons.log_out_everywhere
```elixir
log_out_everywhere name \\ :log_out_everywhere
```


Log out everywhere add-on


### Arguments

| Name | Type | Default | Docs |
|------|------|---------|------|
| [`name`](#authentication-add_ons-log_out_everywhere-name){: #authentication-add_ons-log_out_everywhere-name .spark-required} | `atom` |  | Uniquely identifies the add-on |
### Options

| Name | Type | Default | Docs |
|------|------|---------|------|
| [`action_name`](#authentication-add_ons-log_out_everywhere-action_name){: #authentication-add_ons-log_out_everywhere-action_name } | `atom` | `:log_out_everywhere` | The name of the action to generate. |
| [`argument_name`](#authentication-add_ons-log_out_everywhere-argument_name){: #authentication-add_ons-log_out_everywhere-argument_name } | `atom` | `:user` | The name of the user argument to the `:log_out_everywhere` action. |
| [`include_purposes`](#authentication-add_ons-log_out_everywhere-include_purposes){: #authentication-add_ons-log_out_everywhere-include_purposes } | `list(String.t)` |  | Limit the list of token purposes for which tokens will be revoked to those in this list, except those in `exclude_token_purposes`. |
| [`exclude_purposes`](#authentication-add_ons-log_out_everywhere-exclude_purposes){: #authentication-add_ons-log_out_everywhere-exclude_purposes } | `list(String.t)` | `["revocation"]` | Don't revoke tokens with these purposes when logging a user out everywhere. |
| [`apply_on_password_change?`](#authentication-add_ons-log_out_everywhere-apply_on_password_change?){: #authentication-add_ons-log_out_everywhere-apply_on_password_change? } | `boolean` | `false` | Automatically log out all active sessions whenever a password is changed. |


### Introspection

Target: `AshAuthentication.AddOn.LogOutEverywhere`


<style type="text/css">.spark-required::after { content: "*"; color: red !important; }</style>