module.exports = Self => {
    Self.remoteMethodCtx('killSession', {
        description: 'Kill session',
        accepts: [{
            arg: 'userId',
            type: 'integer',
            description: 'The user id',
            required: true,
        }, {
            arg: 'created',
            type: 'date',
            description: 'The created time',
            required: true,
        }],
        accessType: 'WRITE',
        http: {
            path: `/killSession`,
            verb: 'POST'
        }
    });

    Self.killSession = async function(ctx, userId, created) {
        await Self.app.models.VnUser.userSecurity(ctx, ctx.req.accessToken.userId);
        const tokens = await Self.app.models.AccessToken.find({where: {userId, created}});
        if (!tokens?.length) return;
        for (const token of tokens)
            await Self.app.models.AccessToken.deleteById(token.id);
    };
};