mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-03 14:47:30 +02:00
Code Issues Releases Wiki Activity

Forget remembered sessions when passwords are reset or changed

Browse Source
This commit is contained in:
Marco
2016-12-04 16:54:34 +01:00
parent 5e331924f6
commit f486ab6763
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Auth.php
View File

@@ -626,6 +626,9 @@ class Auth {
if (password_verify($oldPassword, $passwordInDatabase)) { if (password_verify($oldPassword, $passwordInDatabase)) {
// update the password in the database // update the password in the database
$this->updatePassword($userId, $newPassword); $this->updatePassword($userId, $newPassword);
// delete any remaining remember directives
$this->deleteRememberDirective($userId);
} }
else { else {
throw new InvalidPasswordException(); throw new InvalidPasswordException();
@@ -848,6 +851,9 @@ class Auth {
// update the password in the database // update the password in the database
$this->updatePassword($resetData['user'], $newPassword); $this->updatePassword($resetData['user'], $newPassword);
// delete any remaining remember directives
$this->deleteRememberDirective($resetData['user']);
try { try {
$this->db->delete( $this->db->delete(
'users_resets', 'users_resets',