Invalidate session cookie if password changes

Open on Drupal.org →

Created on 19 July 2024, 4 months ago

Currently an entity remains accessible via a session even when the password changes. A user would expect the session access to be invalidated at that point. Otherwise this poses a security risk.

✨ Feature request

Status

Active

Version

1.1

Component

Code

Created by

🇩🇪Germany markdc Hamburg

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Comments & Activities

Issue created by @markdc

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024