diff options
Diffstat (limited to 'app/controllers/auth/registrations_controller.rb')
-rw-r--r-- | app/controllers/auth/registrations_controller.rb | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb index 068375843..531df7751 100644 --- a/app/controllers/auth/registrations_controller.rb +++ b/app/controllers/auth/registrations_controller.rb @@ -11,6 +11,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController before_action :set_instance_presenter, only: [:new, :create, :update] before_action :set_body_classes, only: [:new, :create, :edit, :update] before_action :require_not_suspended!, only: [:update] + before_action :set_cache_headers, only: [:edit, :update] skip_before_action :require_functional!, only: [:edit, :update] @@ -22,10 +23,17 @@ class Auth::RegistrationsController < Devise::RegistrationsController not_found end + def update + super do |resource| + resource.clear_other_sessions(current_session.session_id) if resource.saved_change_to_encrypted_password? + end + end + protected def update_resource(resource, params) params[:password] = nil if Devise.pam_authentication && resource.encrypted_password.blank? + super end @@ -114,4 +122,8 @@ class Auth::RegistrationsController < Devise::RegistrationsController def require_not_suspended! forbidden if current_account.suspended? end + + def set_cache_headers + response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate' + end end |