website/website/app/Http/Controllers/Account/TrustedDeviceController.php

<?php

declare(strict_types=1);

namespace App\Http\Controllers\Account;

use App\Http\Controllers\Controller;
use App\Models\TrustedDevice;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;

class TrustedDeviceController extends Controller
{
    public function destroy(Request $request, TrustedDevice $device): RedirectResponse
    {
        if ($device->user_id !== $request->user()->id) {
            abort(403, 'You do not own this trusted device.');
        }

        $device->delete();

        return redirect()->back()->with('success', 'Trusted device removed.');
    }

    public function destroyAll(Request $request): RedirectResponse
    {
        $request->user()->trustedDevices()->delete();

        return redirect()->back()->with('success', 'All trusted devices removed.');
    }
}