Users are now logged out automatically when following a password reset link

By fabianx on 1 July 2016

Change record status:

Published (View all published change records)

Project:

Drupal core

Introduced in branch:

7.x

Introduced in version:

7.50

Issue links:

https://www.drupal.org/node/889772

Description:

As of Drupal 7.50 users will be automatically logged out when following a password reset link in case they had already been logged in as the same user.

This allows them to change their password using the same workflow as when they had been logged out in the first place.

The previous behavior was to show a message that they are already logged in and should change their password, which they could not do as the current password was required.

If the user using the login link is not the same user as the logged in user, the behavior remains the same: The user is shown the message to log out first and use the link again.

Impacts:

Site builders, administrators, editors

Comments

Hi,

RAWDESK commented 1 June 2018 at 13:42

Hi,
Nice fix. Now we need to port to our legacy custom user hooks and handlers...

Users are now logged out automatically when following a password reset link

Comments

Hi,

News items

Our community

Documentation

Drupal code base

Governance of community