diff --git a/app/Http/Controllers/Api/Client/AccountController.php b/app/Http/Controllers/Api/Client/AccountController.php index 965d01264..d956fc65b 100644 --- a/app/Http/Controllers/Api/Client/AccountController.php +++ b/app/Http/Controllers/Api/Client/AccountController.php @@ -4,6 +4,8 @@ namespace Pterodactyl\Http\Controllers\Api\Client; use Illuminate\Http\Request; use Illuminate\Http\Response; +use Illuminate\Auth\AuthManager; +use Illuminate\Http\JsonResponse; use Pterodactyl\Services\Users\UserUpdateService; use Pterodactyl\Transformers\Api\Client\AccountTransformer; use Pterodactyl\Http\Requests\Api\Client\Account\UpdateEmailRequest; @@ -16,16 +18,23 @@ class AccountController extends ClientApiController */ private $updateService; + /** + * @var \Illuminate\Auth\SessionGuard + */ + private $sessionGuard; + /** * AccountController constructor. * + * @param \Illuminate\Auth\AuthManager $sessionGuard * @param \Pterodactyl\Services\Users\UserUpdateService $updateService */ - public function __construct(UserUpdateService $updateService) + public function __construct(AuthManager $sessionGuard, UserUpdateService $updateService) { parent::__construct(); $this->updateService = $updateService; + $this->sessionGuard = $sessionGuard; } /** 
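Review bot: The new `$sessionGuard` property is documented as `@var \Illuminate\Auth\SessionGuard`, but the constructor type-hints and stores an `Illuminate\Auth\AuthManager`. Method calls on the manager are forwarded to whichever guard is the default at request time, so whether sessions are actually invalidated depends on guard configuration that is not visible in this diff. Either correct the docblock to `@var \Illuminate\Auth\AuthManager` and rename the property to match, or resolve the session guard explicitly in the constructor and keep the name. The class body continues outside the hunk.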
@@ -56,18 +65,21 @@ class AccountController extends ClientApiController } /** - * Update the authenticated user's password. + * Update the authenticated user's password. All existing sessions will be logged + * out immediately. * * @param \Pterodactyl\Http\Requests\Api\Client\Account\UpdatePasswordRequest $request - * @return \Illuminate\Http\Response + * @return \Illuminate\Http\JsonResponse * * @throws \Pterodactyl\Exceptions\Model\DataValidationException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException */ - public function updatePassword(UpdatePasswordRequest $request): Response + public function updatePassword(UpdatePasswordRequest $request): \Illuminate\Http\JsonResponse { $this->updateService->handle($request->user(), $request->validated()); - return response('', Response::HTTP_CREATED); + $this->sessionGuard->logoutOtherDevices($request->input('current_password')); + + return JsonResponse::create([], Response::HTTP_NO_CONTENT); } } diff --git a/resources/scripts/components/dashboard/forms/UpdatePasswordForm.tsx b/resources/scripts/components/dashboard/forms/UpdatePasswordForm.tsx index b07e8f1af..1df37bc44 100644 --- a/resources/scripts/components/dashboard/forms/UpdatePasswordForm.tsx +++ b/resources/scripts/components/dashboard/forms/UpdatePasswordForm.tsx @@ -34,8 +34,8 @@ export default () => { clearFlashes('account:password'); updateAccountPassword({ ...values }) .then(() => { - resetForm(); - addFlash({ key: 'account:password', type: 'success', message: 'Your password has been updated.' }); + // @ts-ignore + window.location = '/auth/login'; }) .catch(error => addFlash({ key: 'account:password', diff --git a/resources/scripts/components/elements/ContentBox.tsx b/resources/scripts/components/elements/ContentBox.tsx index 8fc74ea61..59d210680 100644 --- a/resources/scripts/components/elements/ContentBox.tsx +++ b/resources/scripts/components/elements/ContentBox.tsx @@ -11,7 +11,12 @@ type Props = Readonly (
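Review bot: `logoutOtherDevices()` in `updatePassword()` is passed `current_password`, the old password, after `$this->updateService->handle()` has presumably already stored the new one. In Laravel releases where this method re-hashes its argument onto the user record, that would write the old password back and undo the change. In releases that first verify the argument against the stored hash, the call would fail instead; the framework version is not visible here, so confirm which applies. Pass the new password value from the validated request instead, and add a test asserting that only the new password authenticates after this endpoint returns.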
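Review bot: The `// @ts-ignore` above `window.location = '/auth/login'` in UpdatePasswordForm.tsx suppresses a type error that a typed call avoids; `window.location.assign('/auth/login');` performs the same navigation without any suppression. The redirect also removes the success flash, so the user lands on the login page with no confirmation that the password changed. If that is intended, a one-line comment such as `// server invalidated all sessions; force re-authentication` would make the reason clear. The enclosing component starts and ends outside the hunk.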
{title &&

{title}

} - {showFlashes && } + {showFlashes && + + }