1
0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-07-11 19:46:22 +02:00

Force logout in any other sessions when a user changes their password

This commit is contained in:
Marco
2018-03-25 03:40:57 +02:00
parent 71ce2b58c9
commit a7c1ebcc9f

View File

@ -765,9 +765,12 @@ final class Auth extends UserManager {
public function changePasswordWithoutOldPassword($newPassword) { public function changePasswordWithoutOldPassword($newPassword) {
if ($this->isLoggedIn()) { if ($this->isLoggedIn()) {
$newPassword = self::validatePassword($newPassword); $newPassword = self::validatePassword($newPassword);
$userId = $this->getUserId(); $this->updatePasswordInternal($this->getUserId(), $newPassword);
$this->updatePasswordInternal($userId, $newPassword);
$this->deleteRememberDirectiveForUserById($userId); try {
$this->logOutEverywhereElse();
}
catch (NotLoggedInException $ignored) {}
} }
else { else {
throw new NotLoggedInException(); throw new NotLoggedInException();