Add revokeAllSessions handler, when password is reset

2025-01-23 01:23:59 +00:00 · 2016-07-01 09:51:22 +01:00 · 2016-07-01 09:51:22 +01:00 · 88bef5c5ea
commit 88bef5c5ea
parent 03fedafaf5
2 changed files with 10 additions and 7 deletions
--- a/services/web/app/coffee/Features/User/UserController.coffee
+++ b/services/web/app/coffee/Features/User/UserController.coffee
@ -121,16 +121,15 @@ module.exports = UserController =
 					logger.log user: user, "password changed"
 					AuthenticationManager.setUserPassword user._id, newPassword1, (error) ->
 						return next(error) if error?
-						res.send
-							message:
-							  type:'success'
-							  text:'Your password has been changed'
+						UserSessionsManager.revokeAllSessions user, (err) ->
+							return next(err) if err
+							res.send
+								message:
+									type:'success'
+									text:'Your password has been changed'
 			else
 				logger.log user: user, "current password wrong"
 				res.send
 					message:
 					  type:'error'
 					  text:'Your old password is wrong'
-
-
-
--- a/services/web/app/coffee/Features/User/UserSessionsManager.coffee
+++ b/services/web/app/coffee/Features/User/UserSessionsManager.coffee
@ -34,3 +34,7 @@ module.exports = UserSessionsManager =
 				logger.err {err, user_id: user._id, sessionId}, "error while removing session key from UserSessions set"
 				return callback(err)
 			callback()
+
+	revokeAllSessions: (user, callback=(err)->) ->
+		logger.log {user_id: user._id}, "revoking all existing sessions for user"
+		callback(null)