mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-07-11 19:46:22 +02:00
Code Issues Releases Wiki Activity

Force logout in any other sessions when a user changes their password

Browse Source
This commit is contained in:
Marco
2018-03-25 03:40:57 +02:00
parent 71ce2b58c9
commit a7c1ebcc9f
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/Auth.php
View File

@ -765,9 +765,12 @@ final class Auth extends UserManager {
public function changePasswordWithoutOldPassword($newPassword) {
if ($this->isLoggedIn()) {
$newPassword = self::validatePassword($newPassword);
$userId = $this->getUserId();
$this->updatePasswordInternal($userId, $newPassword);
$this->deleteRememberDirectiveForUserById($userId);
$this->updatePasswordInternal($this->getUserId(), $newPassword);
try {
$this->logOutEverywhereElse();
}
catch (NotLoggedInException $ignored) {}
}
else {
throw new NotLoggedInException();