[wp-trac] [WordPress Trac] #61366: A password change should not destroy a user's session data.
WordPress Trac
noreply at wordpress.org
Mon Jun 17 16:39:16 UTC 2024
#61366: A password change should not destroy a user's session data.
------------------------------------+------------------------------
Reporter: snicco | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version: 6.5.3
Severity: minor | Resolution:
Keywords: | Focuses:
------------------------------------+------------------------------
Comment (by snicco):
Other sessions are always invalidated because the users password hash is
part of the cookie. This has nothing to do with this ticket.
The issue described here is that the active(!) session of the user looses
all data stored in that session.
Instead, just the session token / cookie should be changed and the data is
maintained.
Did you try the example with the counter?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61366#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list