https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292014-09-08T20:18:54ZRedmineRedmine - Patch #17796: Expire all other sessions on password changehttps://www.redmine.org/issues/17796?journal_id=585052014-09-08T20:18:54ZJean-Baptiste Barth
<ul><li><strong>Assignee</strong> set to <i>Jean-Baptiste Barth</i></li></ul><p>Good practice I think. Same as <a class="issue tracker-3 status-5 priority-4 priority-default closed" title="Patch: Password/Email address change should invalidate security tokens (Closed)" href="https://www.redmine.org/issues/17717">#17717</a>, I'd like to have some guidance about how we deal with that kind of patch. I didn't test this one but I'll review it and test it when I know what to do.</p> Redmine - Patch #17796: Expire all other sessions on password changehttps://www.redmine.org/issues/17796?journal_id=586272014-09-13T09:55:23ZJean-Philippe Langjp_lang@yahoo.fr
<ul></ul><p>We can commit this patch now, but I'd like to change the new column to <code>passwd_changed_on</code> instead of <code>password_changed_at</code>.</p> Redmine - Patch #17796: Expire all other sessions on password changehttps://www.redmine.org/issues/17796?journal_id=586412014-09-13T20:24:17ZEtienne Massip
<ul><li><strong>Project</strong> changed from <i>2</i> to <i>Redmine</i></li><li><strong>Category</strong> set to <i>Security</i></li><li><strong>Target version</strong> set to <i>2.6.0</i></li></ul> Redmine - Patch #17796: Expire all other sessions on password changehttps://www.redmine.org/issues/17796?journal_id=587192014-09-16T21:39:57ZJean-Baptiste Barth
<ul><li><strong>Status</strong> changed from <i>Needs feedback</i> to <i>Closed</i></li></ul><p>Added in <a class="changeset" title="Expire other sessions on password change (#17796). Contributed by Jan Schulz-Hofen." href="https://www.redmine.org/projects/redmine/repository/svn/revisions/13412">r13412</a> with the column name requested by Jean-Philippe, and a minor typo fixed in the test. Thanks!</p>