View Issue Details

IDProjectCategoryView StatusLast Update
0022840mantisbtauthenticationpublic2019-08-25 13:02
Reporterdregad Assigned Todregad  
PrioritynormalSeverityminorReproducibilitysometimes
Status assignedResolutionopen 
Target Version2.23.0 
Summary0022840: Don't expire user sessions when updating password hash after login method change
Description

As per @vboctor's suggestion

user_set_password() assumes that it is being called by a user, so it updates the cookie to expire browser sessions.

The same function is used by authentication API's auth_does_password_match() when updating the password hashes after a change of login method, only in this case there is no need to expire the sessions since the password itself is not changing - only the way it is stored in the database.

TagsNo tags attached.

Activities

Issue History

Date Modified Username Field Change
2017-05-06 17:43 dregad New Issue
2017-05-06 17:43 dregad Assigned To => dregad
2017-05-06 17:43 dregad Status new => assigned
2017-05-06 18:14 dregad Note Added: 0056787
2017-06-04 16:19 atrol Target Version 2.5.0 => 2.6.0
2017-09-03 18:50 vboctor Target Version 2.6.0 => 2.7.0
2017-10-08 23:55 vboctor Target Version 2.7.0 => 2.8.0
2017-10-28 19:14 vboctor Target Version 2.8.0 => 2.9.0
2017-12-04 02:25 vboctor Target Version 2.9.0 => 2.10.0
2017-12-30 18:39 vboctor Target Version 2.10.0 => 2.11.0
2018-02-06 21:22 vboctor Target Version 2.11.0 => 2.12.0
2018-03-04 00:41 vboctor Target Version 2.12.0 => 2.13.0
2018-03-31 20:06 vboctor Target Version 2.13.0 => 2.14.0
2018-04-29 19:27 vboctor Target Version 2.14.0 => 2.15.0
2018-06-06 00:43 vboctor Target Version 2.15.0 => 2.16.0
2018-07-30 05:32 atrol Target Version 2.16.0 => 2.17.0
2018-09-04 01:27 vboctor Target Version 2.17.0 => 2.18.0
2018-10-16 23:45 vboctor Target Version 2.18.0 => 2.19.0
2019-01-02 17:32 vboctor Target Version 2.19.0 => 2.20.0
2019-03-16 20:33 vboctor Target Version 2.20.0 => 2.21.0
2019-04-21 05:25 atrol Target Version 2.21.0 => 2.22.0
2019-08-25 13:02 vboctor Target Version 2.22.0 => 2.23.0