cafe-grader-web Commit - r884:490fbe2ccf0b

cafe-grader-web

parent | child

Description:

force log out when password change

Commit status:

[Not Reviewed]

References:

tip algo

Diff options:

| | | |

Comments:

0 Commit comments 0 Inline Comments

Unresolved TODOs:

There are no unresolved TODOs

Add another comment

r884:490fbe2ccf0b - Fri, 28 Oct 2022 03:35:24 - 2 files changed: 6 inserted, 0 deleted

app/controllers/application_controller.rb ¶ +5

                     end
                   end
+            +     # check if password is changed
+            +     if session[:last_password_hash] != @current_user.hashed_password
+            +       unauthorized_redirect 'You are forced to log out.'
+            +     end
+            +
                   if GraderConfiguration.multicontests?
                     return true if @current_user.admin?
                     begin

app/controllers/login_controller.rb ¶ +1

                   #process logging in
                   session[:user_id] = user.id
+            +     session[:last_password_hash] = user.hashed_password
                   session[:admin] = user.admin?
                   # clear forced logout flag for multicontests contest change

You need to be logged in to leave comments. Login now

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings