Resetting the password should also invalidate the token login cookies
This commit is contained in:
parent
0a614429af
commit
a8d0f84829
|
@ -67,6 +67,7 @@ class OC_Core_LostPassword_Controller {
|
||||||
if (isset($_POST['password'])) {
|
if (isset($_POST['password'])) {
|
||||||
if (OC_User::setPassword($args['user'], $_POST['password'])) {
|
if (OC_User::setPassword($args['user'], $_POST['password'])) {
|
||||||
OC_Preferences::deleteKey($args['user'], 'owncloud', 'lostpassword');
|
OC_Preferences::deleteKey($args['user'], 'owncloud', 'lostpassword');
|
||||||
|
OC_User::unsetMagicInCookie();
|
||||||
self::displayResetPasswordPage(true, $args);
|
self::displayResetPasswordPage(true, $args);
|
||||||
} else {
|
} else {
|
||||||
self::displayResetPasswordPage(false, $args);
|
self::displayResetPasswordPage(false, $args);
|
||||||
|
|
Loading…
Reference in New Issue