feat: Implement endpoint for invalidating all sessions for a given identity

[harnash]

This PR introduces endpoint to destroy all sessions for a given identity which effectively logouts user from all devices/sessions. This is useful when for some security concern we want to make sure there are no "old" sessions active or other "staff" related actions (such as force logout after password change etc.).

Contributes to #655

Checklist

• I have read the contributing guidelines.
• I am following the
  contributing code guidelines.
• I have read the security policy.
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security. vulnerability, I
  confirm that I got green light (please contact
  [email protected]) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added or changed the documentation.

[codecov]

Codecov Report

Merging #1740 (ff140dc) into master (28ad689) will increase coverage by 0.16%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master    #1740      +/-   ##
==========================================
+ Coverage   73.94%   74.10%   +0.16%     
==========================================
  Files         260      260              
  Lines       12701    12714      +13     
==========================================
+ Hits         9392     9422      +30     
+ Misses       2682     2667      -15     
+ Partials      627      625       -2     

Impacted Files	Coverage Δ
driver/registry_default.go	87.37% <100.00%> (+0.04%)	⬆️
session/handler.go	92.64% <100.00%> (+8.71%)	⬆️
persistence/sql/persister_courier.go	85.00% <0.00%> (-3.34%)	⬇️
x/nosurf.go	93.82% <0.00%> (+1.23%)	⬆️
courier/courier.go	68.34% <0.00%> (+10.07%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 28ad689...ff140dc. Read the comment docs.

[zepatrik]

Have you seen #655? It covers your use case as well. Just FYI and for linking this PR to that issue.
Not too happy about the path of the endpoint, but don't have a better idea right now 😅

[harnash]

Have you seen #655? It covers your use case as well. Just FYI and for linking this PR to that issue.

Oh. I've missed that. Thanks!

Not too happy about the path of the endpoint, but don't have a better idea right now 😅

Yeah. I would choose something more appropriate but moving it to /identites (I think I've tried that once) causes circular dependencies issues.

[aeneasr]

Awesome, thank you for your contribution! This looks pretty good and I have some ideas how to improve it further :)

[aeneasr]

Great! Just one minor thing :)