From b0a4a1d3e4beaab5c02b87e202df2b24128e1e4b Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Wed, 28 Jul 2021 14:50:00 -0400
Subject: [PATCH] feat: allow revokeAllSessions method to revoke all sessions
 except that which is passed in (new arg)

---
 src/user/auth.js | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/user/auth.js b/src/user/auth.js
index 5ec8ab2030..9e4738514a 100644
--- a/src/user/auth.js
+++ b/src/user/auth.js
@@ -135,12 +135,15 @@ module.exports = function (User) {
 		]);
 	};
 
-	User.auth.revokeAllSessions = async function (uids) {
+	User.auth.revokeAllSessions = async function (uids, except) {
 		uids = Array.isArray(uids) ? uids : [uids];
 		const sids = await db.getSortedSetsMembers(uids.map(uid => `uid:${uid}:sessions`));
 		const promises = [];
 		uids.forEach((uid, index) => {
-			promises.push(sids[index].map(s => User.auth.revokeSession(s, uid)));
+			const ids = sids[index].filter(id => id !== except);
+			if (ids.length) {
+				promises.push(ids.map(s => User.auth.revokeSession(s, uid)));
+			}
 		});
 		await Promise.all(promises);
 	};