diff --git a/DNN Platform/HttpModules/Membership/MembershipModule.cs b/DNN Platform/HttpModules/Membership/MembershipModule.cs
index d9b15db0916..93fae9b3f7a 100644
--- a/DNN Platform/HttpModules/Membership/MembershipModule.cs
+++ b/DNN Platform/HttpModules/Membership/MembershipModule.cs
@@ -30,10 +30,12 @@
using DotNetNuke.Application;
using DotNetNuke.Common;
using DotNetNuke.Common.Utilities;
+using DotNetNuke.Entities.Controllers;
using DotNetNuke.Entities.Host;
using DotNetNuke.Entities.Portals;
using DotNetNuke.Entities.Users;
using DotNetNuke.HttpModules.Services;
+using DotNetNuke.Instrumentation;
using DotNetNuke.Security;
using DotNetNuke.Security.Roles;
using DotNetNuke.Services.Localization;
@@ -52,6 +54,8 @@ namespace DotNetNuke.HttpModules.Membership
///
public class MembershipModule : IHttpModule
{
+ private static readonly ILog Logger = LoggerSource.Instance.GetLogger(typeof(MembershipModule));
+
private static readonly Regex NameRegex = new Regex(@"\w+[\\]+(?=)", RegexOptions.Compiled);
private static string _cultureCode;
@@ -184,9 +188,7 @@ public static void AuthenticateRequest(HttpContextBase context, bool allowUnknow
}
//authenticate user and set last login ( this is necessary for users who have a permanent Auth cookie set )
- if (user == null || user.IsDeleted || user.Membership.LockedOut
- || (!user.Membership.Approved && !user.IsInRole("Unverified Users"))
- || !user.Username.Equals(context.User.Identity.Name, StringComparison.InvariantCultureIgnoreCase))
+ if (RequireLogout(context, user))
{
var portalSecurity = PortalSecurity.Instance;
portalSecurity.SignOut();
@@ -256,5 +258,33 @@ public static void AuthenticateRequest(HttpContextBase context, bool allowUnknow
context.Items.Add("UserInfo", new UserInfo());
}
}
+
+ private static bool RequireLogout(HttpContextBase context, UserInfo user)
+ {
+ try
+ {
+ if (user == null || user.IsDeleted || user.Membership.LockedOut
+ || !user.Membership.Approved && !user.IsInRole("Unverified Users")
+ || !user.Username.Equals(context.User.Identity.Name, StringComparison.InvariantCultureIgnoreCase))
+ {
+ return true;
+ }
+
+ var forceLogout = HostController.Instance.GetBoolean("ForceLogoutAfterPasswordChanged");
+ if (!forceLogout)
+ {
+ return false;
+ }
+
+ // if user's password changed after the user cookie created, then force user to login again.
+ var issueDate = ((FormsIdentity)context.User.Identity)?.Ticket.IssueDate;
+ return !Null.IsNull(issueDate) && issueDate < user.Membership.LastPasswordChangeDate;
+ }
+ catch (Exception ex)
+ {
+ Logger.Error(ex);
+ return true;
+ }
+ }
}
}
\ No newline at end of file
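Review bot: The hard cast `(FormsIdentity)context.User.Identity` in `RequireLogout` throws `InvalidCastException` for any identity that is not a `FormsIdentity`; the `?.` after it only guards a null result, and the surrounding `catch` turns the exception into `return true`. With `ForceLogoutAfterPasswordChanged` enabled, a request authenticated by another provider would therefore be signed out and log an error on every request. I would use `var issueDate = (context.User.Identity as FormsIdentity)?.Ticket.IssueDate;` followed by `return issueDate.HasValue && issueDate.Value < user.Membership.LastPasswordChangeDate;`, which skips the check when there is no forms ticket. The comparison also assumes the ticket's `IssueDate` is the original sign-in time and shares a time base with `LastPasswordChangeDate`. If forms sliding expiration is enabled, a renewed ticket gets a fresh `IssueDate`, so a cookie issued before the password change could pass this check after renewal; that is worth confirming against the site's forms configuration.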
diff --git a/Website/DesktopModules/Admin/Security/EditUser.ascx.cs b/Website/DesktopModules/Admin/Security/EditUser.ascx.cs
index beae68eaf8c..d5ae7c1eb5b 100644
--- a/Website/DesktopModules/Admin/Security/EditUser.ascx.cs
+++ b/Website/DesktopModules/Admin/Security/EditUser.ascx.cs
@@ -590,6 +590,7 @@ private void PasswordUpdated(object sender, Password.PasswordUpdatedEventArgs e)
{
//The User changed his own password
Mail.SendMail(User, MessageType.UserUpdatedOwnPassword, PortalSettings);
+ PortalSecurity.Instance.SignIn(User, false);
}
AddModuleMessage("PasswordChanged", ModuleMessage.ModuleMessageType.GreenSuccess, true);
}
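Review bot: The added `PortalSecurity.Instance.SignIn(User, false);` has no comment explaining that it exists to re-issue the auth ticket after the password change, and it is easy to remove by mistake. I would add `// Re-issue the auth ticket so its IssueDate is later than LastPasswordChangeDate; otherwise the membership module signs this session out on the next request.` above it. The hard-coded `false` also replaces a persistent cookie with a session cookie; if that is intended as a tightening, say so in the comment, otherwise carry over the current ticket's `IsPersistent` value. The call sits after `Mail.SendMail`, so if sending the notification can throw, the re-sign-in is skipped and the user is logged out on the next request; placing `SignIn` first would avoid that. The enclosing `if` begins outside this hunk, and other password-change paths are not visible here and may need the same re-issue.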
diff --git a/Website/Install/DotNetNuke.install.config.resources b/Website/Install/DotNetNuke.install.config.resources
index eeb5a769cbd..4f843345076 100644
--- a/Website/Install/DotNetNuke.install.config.resources
+++ b/Website/Install/DotNetNuke.install.config.resources
@@ -44,6 +44,7 @@
N
jpg,jpeg,jpe,gif,bmp,png,svg,ttf,eot,woff,doc,docx,xls,xlsx,ppt,pptx,pdf,txt,xml,xsl,xsd,css,zip,rar,template,htmtemplate,ico,avi,mpg,mpeg,mp3,wmv,mov,wav,mp4,webm,ogv
+ Y
http://www.dnnsoftware.com/help
USD