feat: add deleteAll method on access token provider (#260)

Author: radiumrasheed

modules/access_tokens_guard/token_providers/db.ts

@@ -320,6 +320,29 @@ export class DbAccessTokensProvider<
     return affectedRows as unknown as number
   }
 
+  /**
+   * Delete all tokens for a given user
+   *
+   * @param user - The user instance to delete tokens for
+   *
+   * @example
+   * const deletedCount = await provider.deleteAll(user)
+   * console.log('Deleted tokens:', deletedCount)
+   */
+  async deleteAll(user: InstanceType<TokenableModel>): Promise<number> {
+    this.#ensureIsPersisted(user)
+
+    const queryClient = await this.getDb()
+    const affectedRows = await queryClient
+      .query<number>()
+      .from(this.table)
+      .where({ tokenable_id: user.$primaryKeyValue, type: this.type })
+      .del()
+      .exec()
+
+    return affectedRows as unknown as number
+  }
+
   /**
    * Returns all the tokens for a given user
    *

tests/access_tokens/token_providers/db.spec.ts

@@ -722,6 +722,43 @@ test.group('Access tokens provider | DB | all', () => {
   })
 })
 
+test.group('Access tokens provider | DB | deleteAll', () => {
+  test('delete all tokens', async ({ assert }) => {
+    const db = await createDatabase()
+    await createTables(db)
+
+    class User extends BaseModel {
+      @column({ isPrimary: true })
+      declare id: number
+
+      @column()
+      declare username: string
+
+      @column()
+      declare email: string
+
+      @column()
+      declare password: string
+
+      static authTokens = DbAccessTokensProvider.forModel(User)
+    }
+
+    const user = await User.create({
+      email: '[email protected]',
+      username: 'virk',
+      password: 'secret',
+    })
+
+    await User.authTokens.create(user, ['*'], { expiresIn: '20 mins', name: 'List projects' })
+    await User.authTokens.create(user)
+    timeTravel(21 * 60)
+    const numberOfDeletedTokens = await User.authTokens.deleteAll(user)
+
+    assert.equal(numberOfDeletedTokens, 2)
+    assert.isEmpty(await User.authTokens.all(user))
+  })
+})
+
 test.group('Access tokens provider | DB | invalidate', () => {
   test('delete token identified by publicly shared token', async ({ assert }) => {
     const db = await createDatabase()