invalidateTokens method
Invalidates tokens according to the strategy
context Context containing necessary information for invalidation
This could include access token, refresh token, user ID, etc.
Implementation
@override
Future<void> invalidateTokens(TokenInvalidationContext context) async {
// Blacklist/delete the current access token
if (context.accessToken != null && context.tokenExpiry != null) {
// JWT tokens - blacklist the access token
final blacklistData = {
'token': context.accessToken!,
'tokenable_id': context.userId,
'guard': context.guard,
'type': 'blacklist',
'created_at': DateTime.now().toIso8601String(),
'expires_at': DateTime.fromMillisecondsSinceEpoch(
context.tokenExpiry! * 1000,
).toIso8601String(),
};
await _tokenService.blacklistToken(blacklistData);
} else if (context.accessToken != null) {
// Stateful tokens - delete the access token
await _tokenService.deleteToken(context.accessToken!);
}
// Delete ALL tokens for this user (complete logout from all devices)
await _tokenService.deleteUserTokens(
context.userId,
guard: context.guard,
filter: {
"type": ["access", "refresh"],
},
);
}