core: add bulk session revocation#18564
Merged
dewi-tik merged 17 commits intogoauthentik:mainfrom Jan 22, 2026
Merged
Conversation
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-integrations ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #18564 +/- ##
==========================================
- Coverage 93.27% 93.22% -0.06%
==========================================
Files 949 949
Lines 52172 52187 +15
==========================================
- Hits 48664 48651 -13
- Misses 3508 3536 +28
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
rissson
reviewed
Dec 3, 2025
- Implemented BulkDeleteSessionSerializer for handling bulk session deletions. - Added bulk_delete action to AuthenticatedSessionViewSet for revoking sessions by user IDs. - Updated API schema to include new endpoint for bulk session deletion. - Modified UserBulkRevokeSessionsForm to utilize the new bulk delete API.
rissson
requested changes
Dec 4, 2025
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: CodeMax IT Solutions Pvt. Ltd. <137166088+cdmx-in@users.noreply.github.com>
PassiveSerializer for BulkDeleteSessionSerializer Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: CodeMax IT Solutions Pvt. Ltd. <137166088+cdmx-in@users.noreply.github.com>
user_pks instead of user_ids Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: CodeMax IT Solutions Pvt. Ltd. <137166088+cdmx-in@users.noreply.github.com>
Contributor
Author
|
@rissson, have made the requested changes, please review |
…ELETE method and query parameters
rissson
requested changes
Dec 5, 2025
Member
rissson
left a comment
There was a problem hiding this comment.
Just a minor nit, otherwise the backend looks good to me!
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: CodeMax IT Solutions Pvt. Ltd. <137166088+cdmx-in@users.noreply.github.com>
Contributor
Author
Done. :) |
Contributor
Author
|
Requesting a review for this PR, Please review and merge |
Member
|
hello, we're in the middle of a release, we'll take a look at this afterwards. Thanks again for your contribution! |
rissson
approved these changes
Jan 8, 2026
BeryJu
approved these changes
Jan 15, 2026
Member
|
@cdmx-in apart from the web lint job failing, this should be good to go. |
kensternberg-authentik
added a commit
that referenced
this pull request
Jan 31, 2026
* main: (115 commits) internal: fix incorrect metric calculation (#19701) core, web: update translations (#19684) core: bump goauthentik.io/api/v3 from 3.2026020.12 to 3.2026020.14 (#19686) lifecycle/aws: bump aws-cdk from 2.1101.0 to 2.1102.0 in /lifecycle/aws (#19687) core: bump goauthentik/selenium from 143.0-ak-0.35.3 to 144.0-ak-0.35.7 in /tests/e2e (#19688) core: bump msgraph-sdk from 1.52.0 to 1.53.0 (#19689) core: bump ruff from 0.14.13 to 0.14.14 (#19690) core: bump twilio from 9.9.1 to 9.10.0 (#19691) core: bump gunicorn from 23.0.0 to 24.0.0 (#19692) web: bump the bundler group across 1 directory with 3 updates (#19693) web: bump unist-util-visit from 5.0.0 to 5.1.0 in /web (#19694) web: bump globals from 17.0.0 to 17.1.0 in /web (#19695) ci: bump actions/checkout from 6.0.1 to 6.0.2 (#19696) web: Form Modal Independence: Part 1 (#19395) web/common: add dev middleware to show warnings for consecutive identical requests (#19671) web/admin: fix file upload not preserving extension for custom names with dots (#19548) web/admin: fix brand form sending "undefined" string for blank default application (#19658) providers/proxy: Fix incorrect comparison of redirect URL and CookieDomain (#15686) core: add bulk session revocation (#18564) website/docs: endpoint devices: add serial number note (#19677) ...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull Request: Add Bulk Session Revocation Functionality for Admins
Details
This PR adds bulk session revocation functionality for Admins.
UserBulkRevokeSessionsFormadded that allows administrators to revoke all active sessions for selected users, with a confirmation dialog to prevent accidental revocation.Changes Made
UserBulkRevokeSessionsForm.tscomponent for handling this bulk session revocationUserListPage.tsto integrate the new bulk action with the user listFiles Changed:
web/src/admin/users/UserBulkRevokeSessionsForm.ts(+207 lines)web/src/admin/users/UserListPage.ts(+82/-38 lines)