Centralize logout method; delete OIDC sessions on logout

app/models/auth/User.model.js

@@ -154,6 +154,19 @@ class User extends AuthUser {
         return Group.find({ active: true, user_ids: this.id })
     }
 
+    async oidc_sessions() {
+        const Session = this.models.get('openid:Session')
+        return Session.find({ 'payload.account': this.id })
+    }
+
+    async logout(request) {
+        for ( const session of (await this.oidc_sessions()) ) {
+            await session.delete()
+        }
+
+        this.get_provider().logout(request)
+    }
+
     async to_ldap(iam_targets = []) {
         const Policy = this.models.get('iam:Policy')
 

app/models/openid/Session.model.js

@@ -0,0 +1,17 @@
+const { Model } = require('flitter-orm')
+
+class SessionModel extends Model {
+    static get services() {
+        return [...super.services, 'models']
+    }
+
+    static get schema() {
+        return {
+            payload: {
+                account: String,
+            },
+        }
+    }
+}
+
+module.exports = exports = SessionModel