diff --git a/app/Actions/Fortify/ResetUserPassword.php b/app/Actions/Fortify/ResetUserPassword.php
index d3727a52c..158996c90 100644
--- a/app/Actions/Fortify/ResetUserPassword.php
+++ b/app/Actions/Fortify/ResetUserPassword.php
@@ -24,5 +24,6 @@ class ResetUserPassword implements ResetsUserPasswords
$user->forceFill([
'password' => Hash::make($input['password']),
])->save();
+ $user->deleteAllSessions();
}
}
diff --git a/app/Console/Commands/RootResetPassword.php b/app/Console/Commands/RootResetPassword.php
index f36c11a4f..8d440ebd7 100644
--- a/app/Console/Commands/RootResetPassword.php
+++ b/app/Console/Commands/RootResetPassword.php
@@ -39,7 +39,8 @@ class RootResetPassword extends Command
}
$this->info('Updating root password...');
try {
- User::find(0)->update(['password' => Hash::make($password)]);
+ $user = User::find(0);
+ $user->update(['password' => Hash::make($password)]);
$this->info('Root password updated successfully.');
} catch (\Exception $e) {
$this->error('Failed to update root password.');
diff --git a/app/Livewire/Profile/Index.php b/app/Livewire/Profile/Index.php
index 53314cd5c..788802353 100644
--- a/app/Livewire/Profile/Index.php
+++ b/app/Livewire/Profile/Index.php
@@ -70,6 +70,7 @@ class Index extends Component
$this->current_password = '';
$this->new_password = '';
$this->new_password_confirmation = '';
+ $this->dispatch('reloadWindow');
} catch (\Throwable $e) {
return handleError($e, $this);
}
diff --git a/app/Models/User.php b/app/Models/User.php
index 7c23631c3..f59f506fc 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -4,6 +4,7 @@ namespace App\Models;
use App\Notifications\Channels\SendsEmail;
use App\Notifications\TransactionalEmails\ResetPassword as TransactionalEmailsResetPassword;
+use App\Traits\DeletesUserSessions;
use DateTimeInterface;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
@@ -37,7 +38,7 @@ use OpenApi\Attributes as OA;
)]
class User extends Authenticatable implements SendsEmail
{
- use HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
+ use DeletesUserSessions, HasApiTokens, HasFactory, Notifiable, TwoFactorAuthenticatable;
protected $guarded = [];
@@ -57,6 +58,7 @@ class User extends Authenticatable implements SendsEmail
protected static function boot()
{
parent::boot();
+
static::created(function (User $user) {
$team = [
'name' => $user->name."'s Team",
diff --git a/app/Traits/DeletesUserSessions.php b/app/Traits/DeletesUserSessions.php
new file mode 100644
index 000000000..2581d4203
--- /dev/null
+++ b/app/Traits/DeletesUserSessions.php
@@ -0,0 +1,34 @@
+where('user_id', $this->id)->delete();
+ }
+
+ /**
+ * Boot the trait.
+ */
+ protected static function bootDeletesUserSessions()
+ {
+ static::updated(function ($user) {
+ // Check if password was changed
+ if ($user->isDirty('password')) {
+ $user->deleteAllSessions();
+ }
+ });
+ }
+}
diff --git a/resources/views/livewire/profile/index.blade.php b/resources/views/livewire/profile/index.blade.php
index bc9f19f56..967c71746 100644
--- a/resources/views/livewire/profile/index.blade.php
+++ b/resources/views/livewire/profile/index.blade.php
@@ -19,6 +19,7 @@
Change Password
Save
+ Resetting the password will logout all sessions.
@@ -36,23 +37,21 @@
-
+
{!! request()->user()->twoFactorQrCodeSvg() !!}