[英]How to manually revoke a Doorkeeper token?
Say I have a user which I have soft-deleted from my system.假设我有一个从系统中软删除的用户。 I want to revoke their tokens as well.我也想撤销他们的代币。 What's the best way of accomplishing this?实现这一目标的最佳方法是什么? Is it as simple as doing something like是否像做类似的事情一样简单
Doorkeeper::AccessToken.where(resource_owner_id: deleted_user.id).each(&:revoke)
or is there a better approach?或者有更好的方法吗?
You can do this, where application_id
is a Doorkeeper application ID and resource_owner
is the deleted user:您可以这样做,其中application_id
是 Doorkeeper 应用程序 ID, resource_owner
是已删除的用户:
Doorkeeper::AccessToken.revoke_all_for(application_id, resource_owner)
Since you specifically asked about revoking all tokens for a user (without mentioning applications), your options are:由于您特别询问撤销用户的所有令牌(没有提及应用程序),您的选择是:
Example of Method 2 that worked for me:对我有用的方法 2 示例:
class User
def revoke_all_access_tokens!
application_ids = Doorkeeper::Application.pluck(:id) + [nil]
Doorkeeper::AccessToken.revoke_all_for(application_ids, self)
end
end
Note that + [nil]
is necessary if you want to also delete tokens that don't have an application ID (depending on how you're using Doorkeeper).请注意,如果您还想删除没有应用程序 ID 的令牌(取决于您使用 Doorkeeper 的方式),则+ [nil]
是必要的。
The code for this method is small and easy to understand, if you need to customize it. 此方法的代码很小且易于理解,如果您需要对其进行自定义。
The answer of @Justin Workman is great. @Justin Workman 的回答很棒。
After I checked the implement of revoke_all_for
method在我检查了revoke_all_for
方法的实现之后
def revoke_all_for(application_id, resource_owner, clock = Time)
by_resource_owner(resource_owner)
.where(
application_id: application_id,
revoked_at: nil,
)
.update_all(revoked_at: clock.now.utc)
end
I found that if you want to revoke all tokens of a resource owner regardless of the application, you can just call:我发现,如果您想撤销资源所有者的所有令牌,而不管应用程序如何,您只需调用:
Doorkeeper::AccessToken.by_resource_owner(resource_owner).where(revoked_at: nil).update_all(revoked_at: Time.now.utc)
We can save a db call which figure out all application_ids.我们可以保存一个 db 调用来找出所有的 application_id。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.