invalidateToken method
Invalidates a token (single device logout)
token The token to invalidate
For JWT drivers: Blacklists access token and invalidates associated refresh token For Token drivers: Deletes the access token
Implementation
@override
Future<void> invalidateToken(String token) async {
// Use single device logout strategy by default for stateful tokens
final strategy = _strategyFactory.createStrategy(LogoutType.singleDevice);
// Get token info to create context
final tokenRecord = await _tokenService.findToken(token);
if (tokenRecord == null) {
throw AuthException('Invalid token');
}
final userId = tokenRecord['tokenable_id'];
// For Token driver, we don't have JWT expiry, so we pass null
// This tells the strategy to handle it as a stateful token
final context = TokenInvalidationContext.fromTokens(
accessToken: token,
userId: userId,
guard: _providerKey,
// No tokenExpiry for stateful tokens - this signals the strategy
// to use delete instead of blacklist
);
await strategy.invalidateTokens(context);
}