Is there a way to force a mass logout?

I recently updated my internal instance to use SSO, and I want to force all users to re-login to validate their accounts against the other system.

Can I force every user to logout or is the only way to do it one by one?

./launcher enter app
rails c
UserAuthToken.destroy_all
14 Likes

Any comments here @sam? This would also be duplicated on the “my Discourse was compromised” topic.

UserAuthToken.destroy_all would do the trick, you also would want to revoke api keys so that is 2 additional tables to nuke, ApiKey and UserApiKey.

5 Likes