Bearer Token Persistence

I’m implementing the persistence layer for bearer tokens by extending the DelegableAuthInfoRepository class and providing the necessary code for the find(loginInfo: LoginInfo) and other DAO actions. Since the API dictates to use LoginInfo, it is my understanding then, that there can be at most ONE token stored for each user + provider combination. Now what if a user authenticates, using the same provider credentials, from a second device while the first token is still valid. Reusing the first token would mean sign out from one device will sign out off all devices. But what if we do now want such a behavior and instead wish to generate a new token for the second device. In this scenario we are unable to store the token without overwriting the first token since we’re dependent upon the LoginInfo as the key for all actions (find, save etc.) and the API has no mechanism to distinguish the devices i.e. different sources. Any thoughts?

Never mind. I think I’ve found the answer after browsing through the included implementations provided in the persistence package. I should be extending AuthenticatorRepository instead. The AuthInfo vs Authenticator terminology threw me off.