You need check session always into your database to manage user sessions.
When change a password you need a simple update over session table, then
over every request in your site you need check if you password had a
change, if yes the user session set a null. Basically you need polling to
database
Hello people,
trying to implement a simple "change password" view this came out.
What's the best way to destroy session information for a user?
For example consider when the user changes its password. All session
data should be destroyed.
Thanks!
--
You received this message because you are s
2 matches
Mail list logo
