revokeAuthorizationCode: (code) => {
                return app.db.models.User
                .findOne({ 'api.authorizationCode': code.code }, 'api')
                .exec()
                .then(user => {