James Moger
7ab32b65fc
issue-361: Reset user cookie after administrative password change
Cookies were not reset on administrative password change of a user
account. This allowed accounts with changed passwords to continue
authenticating. Cookies are now reset on password changes, they are
validated on each page request, AND they will now expire 7 days after
generation.