Invalidate sessions when user is changed to enable/disabled status

ticket https://gitlab.e.foundation/e/infra/backlog/-/issues/4106

So as after user is disabled, we want to disallow token. so better if we just remove sessions and log out.