Update function to remove expired session tokens to also remove an invalidated token

auth/session.go

@@ -86,23 +86,25 @@ func FindAndRemoveCurrentSessionToken(jsonWebTokenString string, secretKey strin
 	return "", sessionTokens
 }
 
-// RemoveOldSessionTokens checks the age of the session tokens and removes the ones that are older than the provided age.
-func RemoveOldSessionTokens(sessionTokens []string, age time.Duration) []string {
-	var validTokens []string
+// RemoveInvalidatedAndOldSessionTokens removes the provided invalidated session token, and checks the age of the
+// other session tokens and removes the ones that are older than the provided age.
+func RemoveInvalidatedAndOldSessionTokens(sessionTokens []string, invalidatedSessionToken string, age time.Duration) []string {
+	ageDurationAgo := date_utils.CurrentDate().Add(-1 * age)
+	validTokens := funk.FilterString(sessionTokens, func(sessionTokenString string) bool {
+		// Always remove the invalidated session token
+		if sessionTokenString == invalidatedSessionToken {
+			return false
+		}
 
-	oneWeekAgo := date_utils.CurrentDate().Add(-1 * age)
-	for _, sessionTokenString := range sessionTokens {
 		var sessionToken SessionToken
 		err := json.Unmarshal([]byte(sessionTokenString), &sessionToken)
 		if err != nil {
 			// If we can't unmarshal the token then it is not valid
-			continue
+			return false
 		}
 
-		// Keep the token if it was created in the past week
-		if sessionToken.TimeCreated.In(date_utils.CurrentLocation()).After(oneWeekAgo) {
-			validTokens = append(validTokens, sessionTokenString)
-		}
-	}
+		// Keep the token if it hasn't expired yet
+		return sessionToken.TimeCreated.In(date_utils.CurrentLocation()).After(ageDurationAgo)
+	})
 	return validTokens
 }