Expire other sessions on password change (#17796).

Contributed by Jan Schulz-Hofen. git-svn-id: http://svn.redmine.org/redmine/trunk@13412 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Baptiste Barth <jeanbaptiste.barth@gmail.com> 2014-09-16 21:38:54 +0000
committer: Jean-Baptiste Barth <jeanbaptiste.barth@gmail.com> 2014-09-16 21:38:54 +0000
commit: b519aba63ee0043ffd60f9002fc236f717d9f172 (patch)
tree: 4e8a47e052704bc97318550c316138c2c3977d87 /app/controllers/my_controller.rb
parent: e632a79d59fc90ef0076f741f16b84fb689b99df (diff)
download: redmine-b519aba63ee0043ffd60f9002fc236f717d9f172.tar.gz
redmine-b519aba63ee0043ffd60f9002fc236f717d9f172.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/app/controllers/my_controller.rb b/app/controllers/my_controller.rb
index 59d1d2d0f..714b23857 100644
--- a/app/controllers/my_controller.rb
+++ b/app/controllers/my_controller.rb
@@ -100,6 +100,9 @@ class MyController < ApplicationController
         @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
         @user.must_change_passwd = false
         if @user.save
+          # Reset the session creation time to not log out this session on next
+          # request due to ApplicationController#force_logout_if_password_changed
+          session[:ctime] = Time.now.utc.to_i
           flash[:notice] = l(:notice_account_password_updated)
           redirect_to my_account_path
         end
author	Jean-Baptiste Barth <jeanbaptiste.barth@gmail.com>	2014-09-16 21:38:54 +0000
committer	Jean-Baptiste Barth <jeanbaptiste.barth@gmail.com>	2014-09-16 21:38:54 +0000
commit	b519aba63ee0043ffd60f9002fc236f717d9f172 (patch)
tree	4e8a47e052704bc97318550c316138c2c3977d87 /app/controllers/my_controller.rb
parent	e632a79d59fc90ef0076f741f16b84fb689b99df (diff)
download	redmine-b519aba63ee0043ffd60f9002fc236f717d9f172.tar.gz redmine-b519aba63ee0043ffd60f9002fc236f717d9f172.zip