From 03c91664cbd68f73b4b136f2d86134b8ee97d0a3 Mon Sep 17 00:00:00 2001
From: Andrey Antukh <niwi@niwi.nz>
Date: Fri, 14 Jan 2022 13:44:33 +0100
Subject: [PATCH] :bug: Fix session invalidation issue on password change.

---
 backend/src/app/http/session.clj                |  2 +-
 backend/src/app/rpc/mutations/profile.clj       | 12 ++++++------
 frontend/src/app/main/ui/settings/password.cljs |  3 ++-
 3 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/backend/src/app/http/session.clj b/backend/src/app/http/session.clj
index e6191cf56..90e3d217d 100644
--- a/backend/src/app/http/session.clj
+++ b/backend/src/app/http/session.clj
@@ -72,7 +72,7 @@
       (do
         (a/>!! (::events-ch cfg) id)
         (l/set-context! {:profile-id profile-id})
-        (handler (assoc request :profile-id profile-id)))
+        (handler (assoc request :profile-id profile-id :session-id id)))
       (handler request))))
 
 ;; --- STATE INIT: SESSION
diff --git a/backend/src/app/rpc/mutations/profile.clj b/backend/src/app/rpc/mutations/profile.clj
index 22d6e06c0..ab1a5a405 100644
--- a/backend/src/app/rpc/mutations/profile.clj
+++ b/backend/src/app/rpc/mutations/profile.clj
@@ -385,6 +385,12 @@
       (invalidate-profile-session! conn (:id profile) session-id)
       nil)))
 
+(defn- invalidate-profile-session!
+  "Removes all sessions except the current one."
+  [conn profile-id session-id]
+  (let [sql "delete from http_session where profile_id = ? and id != ?"]
+    (:next.jdbc/update-count (db/exec-one! conn [sql profile-id session-id]))))
+
 (defn- validate-password!
   [conn {:keys [profile-id old-password] :as params}]
   (let [profile (db/get-by-id conn :profile profile-id)]
@@ -399,12 +405,6 @@
               {:password (derive-password password)}
               {:id id}))
 
-(defn- invalidate-profile-session!
-  "Removes all sessions except the current one."
-  [conn profile-id session-id]
-  (let [sql "delete from http_session where profile_id = ? and id != ?"]
-    (:next.jdbc/update-count (db/exec-one! conn [sql profile-id session-id]))))
-
 ;; --- MUTATION: Update Photo
 
 (declare update-profile-photo)
diff --git a/frontend/src/app/main/ui/settings/password.cljs b/frontend/src/app/main/ui/settings/password.cljs
index 6c0f67221..12d43561e 100644
--- a/frontend/src/app/main/ui/settings/password.cljs
+++ b/frontend/src/app/main/ui/settings/password.cljs
@@ -27,7 +27,8 @@
       (st/emit! (dm/error msg)))))
 
 (defn- on-success
-  [_]
+  [form]
+  (reset! form nil)
   (let [msg (tr "dashboard.notifications.password-saved")]
     (st/emit! (dm/success msg))))