all(); Guard::requireLogin(); $currentUserId = (int) ($session['user']['id'] ?? 0); $authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class); $decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_TOKENS_REVOKE, [ 'actor_user_id' => $currentUserId, ]); if (!$decision->isAllowed()) { Guard::deny(); } if (requestInput()->method() !== 'POST') { Router::redirect('admin/settings'); } $errorBag = formErrors(); if (!Session::checkCsrfToken()) { $errorBag->addGlobal(t('Form expired, please try again')); flashFormErrors($errorBag, 'admin/settings', 'settings_tokens_revoke'); Router::redirect('admin/settings'); } $apiTokenService = app(\MintyPHP\Service\Auth\ApiTokenService::class); $count = $apiTokenService->revokeAllByAdmin(); Flash::success(sprintf(t('%d API tokens revoked'), $count), 'admin/settings', 'api_tokens_revoked'); Router::redirect('admin/settings');