From a9aab6b7e5e006a8b8a4c46fc2a8545c19d78765 Mon Sep 17 00:00:00 2001
From: LittleSheep <littlesheep.code@hotmail.com>
Date: Fri, 15 Aug 2025 03:00:13 +0800
Subject: [PATCH] :bug: Add missing logout device

---
 .../Account/AccountCurrentController.cs       | 19 ++++++++++++-
 DysonNetwork.Pass/Account/AccountService.cs   | 27 ++++++++++++++++++-
 2 files changed, 44 insertions(+), 2 deletions(-)

diff --git a/DysonNetwork.Pass/Account/AccountCurrentController.cs b/DysonNetwork.Pass/Account/AccountCurrentController.cs
index ddc96de..5cec791 100644
--- a/DysonNetwork.Pass/Account/AccountCurrentController.cs
+++ b/DysonNetwork.Pass/Account/AccountCurrentController.cs
@@ -509,6 +509,23 @@ public class AccountCurrentController(
         }
     }
 
+    [HttpDelete("devices/{deviceId}")]
+    [Authorize]
+    public async Task<ActionResult<AuthSession>> DeleteDevice(string deviceId)
+    {
+        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
+
+        try
+        {
+            await accounts.DeleteDevice(currentUser, deviceId);
+            return NoContent();
+        }
+        catch (Exception ex)
+        {
+            return BadRequest(ex.Message);
+        }
+    }
+
     [HttpDelete("sessions/current")]
     [Authorize]
     public async Task<ActionResult<AuthSession>> DeleteCurrentSession()
@@ -738,4 +755,4 @@ public class AccountCurrentController(
             return BadRequest(ex.Message);
         }
     }
-}
\ No newline at end of file
+}
diff --git a/DysonNetwork.Pass/Account/AccountService.cs b/DysonNetwork.Pass/Account/AccountService.cs
index c9657ea..9e2a8de 100644
--- a/DysonNetwork.Pass/Account/AccountService.cs
+++ b/DysonNetwork.Pass/Account/AccountService.cs
@@ -492,7 +492,7 @@ public class AccountService(
         {
             if (!await IsDeviceActive(session.Challenge.ClientId.Value))
                 await pusher.UnsubscribePushNotificationsAsync(new UnsubscribePushNotificationsRequest()
-                    { DeviceId = session.Challenge.Client!.DeviceId }
+                { DeviceId = session.Challenge.Client!.DeviceId }
                 );
         }
 
@@ -506,6 +506,31 @@ public class AccountService(
             await cache.RemoveAsync($"{DysonTokenAuthHandler.AuthCachePrefix}{item.Id}");
     }
 
+    public async Task DeleteDevice(Account account, string deviceId)
+    {
+        var device = await db.AuthClients.FirstOrDefaultAsync(c => c.DeviceId == deviceId && c.AccountId == account.Id);
+        if (device is null)
+            throw new InvalidOperationException("Device not found.");
+
+        await pusher.UnsubscribePushNotificationsAsync(
+            new UnsubscribePushNotificationsRequest() { DeviceId = device.DeviceId }
+        );
+
+        var sessions = await db.AuthSessions
+            .Include(s => s.Challenge)
+            .Where(s => s.Challenge.ClientId == device.Id)
+            .ToListAsync();
+
+        // The current session should be included in the sessions' list
+        await db.AuthSessions
+            .Include(s => s.Challenge)
+            .Where(s => s.Challenge.DeviceId == device.DeviceId)
+            .ExecuteDeleteAsync();
+
+        foreach (var item in sessions)
+            await cache.RemoveAsync($"{DysonTokenAuthHandler.AuthCachePrefix}{item.Id}");
+    }
+
     public async Task<AccountContact> CreateContactMethod(Account account, AccountContactType type, string content)
     {
         var isExists = await db.AccountContacts