Reviewed: https://reviews.mahara.org/8414 Committed: https://git.mahara.org/mahara/mahara/commit/a3f4c200910b98bdd0de19510cfac023eee5ad3e Submitter: Robert Lyon (robe...@catalyst.net.nz) Branch: 17.04_STABLE
commit a3f4c200910b98bdd0de19510cfac023eee5ad3e Author: Robert Lyon <robe...@catalyst.net.nz> Date: Wed Jan 10 08:58:19 2018 +1300 Bug 1471103: Force user to login after password reset via CLI script Kill any sessions that the account may have active behatnotneeded Change-Id: I602fe94262c453eae1f5e1faf83d7709720bd906 Signed-off-by: Robert Lyon <robe...@catalyst.net.nz> (cherry picked from commit 8224721372cbf66cf742938879fa0f30f18ca47f) -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1471103 Title: Make the password reset CLI script log out the user Status in Mahara: Fix Committed Status in Mahara 16.10 series: Fix Committed Status in Mahara 17.04 series: Fix Committed Status in Mahara 17.10 series: Fix Committed Status in Mahara 18.04 series: Fix Committed Bug description: In Bug 1396564 we added a command-line script for resetting Mahara passwords. Robert pointed out that this script should end any current sessions for the user. The idea is that, if their password needs to be reset because their account has been hacked, then we should kick out any remaining sessions that are logged-in, because the attacker could use those to re-reset their password. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1471103/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : mahara-contributors@lists.launchpad.net Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
