[fluffy]anyway unfortunately I have no way to revoke individual tokens, I can only bump my session key and sign everyone out and invalidate ALL tokens, because currently I use Authl in signed-token mode (using itsdangerous, which is roughly equivalent to jwt)
