🐛 Fix logout

DysonNetwork.Pass/Account/AccountService.cs

@@ -449,8 +449,7 @@ public class AccountService(
 
     public async Task<AuthClient> UpdateDeviceName(Account account, string deviceId, string label)
     {
-        var device = await db.AuthClients.FirstOrDefaultAsync(
+        var device = await db.AuthClients.FirstOrDefaultAsync(c => c.DeviceId == deviceId && c.AccountId == account.Id
-            c => c.DeviceId == deviceId && c.AccountId == account.Id
         );
         if (device is null) throw new InvalidOperationException("Device was not found.");
 
@@ -470,11 +469,6 @@ public class AccountService(
             .FirstOrDefaultAsync();
         if (session is null) throw new InvalidOperationException("Session was not found.");
 
-        var sessions = await db.AuthSessions
-            .Include(s => s.Challenge)
-            .Where(s => s.AccountId == session.Id && s.Challenge.DeviceId == session.Challenge.DeviceId)
-            .ToListAsync();
-
         if (session.Challenge.ClientId.HasValue)
         {
             if (!await IsDeviceActive(session.Challenge.ClientId.Value))
@@ -484,40 +478,40 @@ public class AccountService(
         }
 
         // The current session should be included in the sessions' list
+        var now = SystemClock.Instance.GetCurrentInstant();
         await db.AuthSessions
             .Include(s => s.Challenge)
             .Where(s => s.Challenge.DeviceId == session.Challenge.DeviceId)
-            .ExecuteDeleteAsync();
+            .ExecuteUpdateAsync(p => p.SetProperty(s => s.DeletedAt, s => now));
 
-        foreach (var item in sessions)
+        await cache.RemoveAsync($"{AuthService.AuthCachePrefix}{session.Id}");
-            await cache.RemoveAsync($"{AuthService.AuthCachePrefix}{item.Id}");
     }
 
     public async Task DeleteDevice(Account account, string deviceId)
     {
-        var device = await db.AuthClients.FirstOrDefaultAsync(
+        var device = await db.AuthClients.FirstOrDefaultAsync(c => c.DeviceId == deviceId && c.AccountId == account.Id
-            c => c.DeviceId == deviceId && c.AccountId == account.Id
         );
         if (device is null)
             throw new InvalidOperationException("Device not found.");
 
         await pusher.UnsubscribePushNotificationsAsync(
-            new UnsubscribePushNotificationsRequest() { DeviceId = device.DeviceId }
+            new UnsubscribePushNotificationsRequest { DeviceId = device.DeviceId }
         );
 
-        db.AuthClients.Remove(device);
-        await db.SaveChangesAsync();
-
         var sessions = await db.AuthSessions
             .Include(s => s.Challenge)
-            .Where(s => s.Challenge.ClientId == device.Id)
+            .Where(s => s.Challenge.ClientId == device.Id && s.AccountId == account.Id)
             .ToListAsync();
 
         // The current session should be included in the sessions' list
+        var now = SystemClock.Instance.GetCurrentInstant();
         await db.AuthSessions
             .Include(s => s.Challenge)
             .Where(s => s.Challenge.DeviceId == device.DeviceId)
-            .ExecuteDeleteAsync();
+            .ExecuteUpdateAsync(p => p.SetProperty(s => s.DeletedAt, s => now));
+        
+        db.AuthClients.Remove(device);
+        await db.SaveChangesAsync();
 
         foreach (var item in sessions)
             await cache.RemoveAsync($"{AuthService.AuthCachePrefix}{item.Id}");