diff --git a/appinfo/info.xml b/appinfo/info.xml
index dc8f67f3a4e10b399deb4dcd7ed96521ee63bc02..d54d53e40af32de4265b95d223752dcfc296fc24 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -10,7 +10,7 @@
- 12.0.0
+ 12.0.1
agpl
Murena SAS
EcloudAccounts
diff --git a/lib/Listeners/BeforeTemplateRenderedListener.php b/lib/Listeners/BeforeTemplateRenderedListener.php
index 622b6ebf9f2853749abca3218b2a284457d54ebd..0b1202bf3f6384aa2b6996a8791779e5d4caf4f2 100644
--- a/lib/Listeners/BeforeTemplateRenderedListener.php
+++ b/lib/Listeners/BeforeTemplateRenderedListener.php
@@ -47,6 +47,8 @@ class BeforeTemplateRenderedListener implements IEventListener {
if (strpos($pathInfo, '/settings/user/migration') !== false) {
$this->util->addScript($this->appName, $this->appName . '-settings-user-migration');
}
-
+ if (strpos($pathInfo, '/settings/user/security') !== false) {
+ $this->util->addScript($this->appName, $this->appName . '-settings-user-security');
+ }
}
}
diff --git a/lib/Listeners/PasswordUpdatedListener.php b/lib/Listeners/PasswordUpdatedListener.php
index 8d1dd8f85b361e0fee0b33008cee8983aa34db92..85b260ee85d094e08ee078f066b40a13e6644cc2 100644
--- a/lib/Listeners/PasswordUpdatedListener.php
+++ b/lib/Listeners/PasswordUpdatedListener.php
@@ -5,6 +5,7 @@ declare(strict_types=1);
namespace OCA\EcloudAccounts\Listeners;
use Exception;
+use OC\Authentication\Token\IProvider as TokenProvider;
use OCA\EcloudAccounts\AppInfo\Application;
use OCA\EcloudAccounts\Service\SSOService;
use OCP\EventDispatcher\Event;
@@ -21,12 +22,14 @@ class PasswordUpdatedListener implements IEventListener {
private ILogger $logger;
private ISession $session;
private IUserSession $userSession;
+ private TokenProvider $tokenProvider;
- public function __construct(SSOService $ssoService, ILogger $logger, ISession $session, IUserSession $userSession) {
+ public function __construct(SSOService $ssoService, ILogger $logger, ISession $session, IUserSession $userSession, TokenProvider $tokenProvider) {
$this->ssoService = $ssoService;
$this->logger = $logger;
$this->session = $session;
$this->userSession = $userSession;
+ $this->tokenProvider = $tokenProvider;
}
public function handle(Event $event): void {
@@ -46,5 +49,19 @@ class PasswordUpdatedListener implements IEventListener {
} catch (Exception $e) {
$this->logger->logException($e, ['app' => Application::APP_ID]);
}
+
+ // Remove all Nextcloud sessions/tokens for the user (invalidate cache + storage)
+ try {
+ $this->tokenProvider->invalidateTokensOfUser($username, null);
+ } catch (Exception $e) {
+ $this->logger->logException($e, ['app' => Application::APP_ID]);
+ }
+
+ // Finally, log out the current session (also clears remember-me cookies)
+ try {
+ $this->userSession->logout();
+ } catch (Exception $e) {
+ $this->logger->logException($e, ['app' => Application::APP_ID]);
+ }
}
}
diff --git a/src/settings-user-security.js b/src/settings-user-security.js
new file mode 100644
index 0000000000000000000000000000000000000000..809e9cdac4227a5ba864a182119a7f19ac77e398
--- /dev/null
+++ b/src/settings-user-security.js
@@ -0,0 +1,22 @@
+(function() {
+ const OriginalXhr = window.XMLHttpRequest
+
+ function PatchedXhr() {
+ const xhr = new OriginalXhr()
+
+ // We want to reload the page if password change request is successful
+ xhr.addEventListener('load', function() {
+ if (xhr.responseURL.includes('/settings/personal/changepassword') && xhr.status >= 200 && xhr.status < 300) {
+ setTimeout(() => window.location.reload(), 1000)
+ }
+ })
+
+ return xhr
+ }
+
+ // copy prototype to preserve methods
+ PatchedXhr.prototype = OriginalXhr.prototype
+
+ // replace global XHR
+ window.XMLHttpRequest = PatchedXhr
+})()
diff --git a/webpack.config.js b/webpack.config.js
index 762d20f72923a114b18d6b766596cd0eaa907df8..f9072bdb1b3d348c704d39de56d1b4dc5512552d 100644
--- a/webpack.config.js
+++ b/webpack.config.js
@@ -10,6 +10,7 @@ module.exports = {
'delete-account-listeners': path.join(__dirname, 'src/delete-account-listeners.js'),
'beta-user-setting': path.join(__dirname, 'src/beta-user-setting.js'),
'settings-user-migration': path.join(__dirname, 'src/settings-user-migration.js'),
+ 'settings-user-security': path.join(__dirname, 'src/settings-user-security.js'),
'signup': path.join(__dirname, 'src/signup.js')
},
}