vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Make sure to conduct login after the password change now that the session will be invalidated for the user

Browse source
This commit is contained in:
Joseph Schorr 2015-03-26 20:04:32 -04:00
parent 7b1d35737e
commit 384d6083c4
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
endpoints/api/user.py
View file

@ -225,8 +225,13 @@ class User(ApiResource):
if 'password' in user_data: if 'password' in user_data:
logger.debug('Changing password for user: %s', user.username) logger.debug('Changing password for user: %s', user.username)
log_action('account_change_password', user.username) log_action('account_change_password', user.username)
# Change the user's password.
model.change_password(user, user_data['password']) model.change_password(user, user_data['password'])
# Login again to reset their session cookie.
common_login(user)
if features.MAILING: if features.MAILING:
send_password_changed(user.username, user.email) send_password_changed(user.username, user.email)