Ability to force-logout users via API #6061

@sistason

API Endpoint or Feature

The endpoint should be able to terminate all active sessions of a user.

Use-Case

We are using Bookstack with OIDC, and when we deactivate users in our SSO, they still have an active session in Bookstack and can fully use it for a few hours.

Additional context

We don't want to delete users instantly and Bookstack users don't have a deactivated attribute, so deleting all sessions and preventing login is probably the closest thing we can do in that regard, right?

Is there already a way to programmatically revoke user sessions like that, or do "deactivation" in some other way?
