From b0178e90fa3576543a380ed11b422d58059999c7 Mon Sep 17 00:00:00 2001
From: Bartek Fabiszewski <github@fabiszewski.net>
Date: Sat, 28 Dec 2019 18:56:11 +0100
Subject: [PATCH] Fix: password change should update session user data

---
 helpers/auth.php     | 9 +++++++++
 helpers/user.php     | 1 +
 utils/changepass.php | 2 +-
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/helpers/auth.php b/helpers/auth.php
index 8c345f6..afe9f78 100644
--- a/helpers/auth.php
+++ b/helpers/auth.php
@@ -41,6 +41,15 @@
       }
     }
 
+    /**
+     * Update user instance stored in session
+     */
+    public function updateSession() {
+      if ($this->isAuthenticated()) {
+        $this->user->storeInSession();
+      }
+    }
+
     /**
      * Is user authenticated
      *
diff --git a/helpers/user.php b/helpers/user.php
index 8df6d27..7d44d71 100644
--- a/helpers/user.php
+++ b/helpers/user.php
@@ -140,6 +140,7 @@
           $stmt = self::db()->prepare($query);
           $stmt->execute([ $hash, $this->login ]);
           $ret = true;
+          $this->hash = $hash;
         } catch (PDOException $e) {
           // TODO: handle exception
           syslog(LOG_ERR, $e->getMessage());
diff --git a/utils/changepass.php b/utils/changepass.php
index b2d476f..b7c29f4 100644
--- a/utils/changepass.php
+++ b/utils/changepass.php
@@ -54,7 +54,7 @@
   if ($passUser->setPass($pass) === false) {
     uUtils::exitWithError("Server error");
   }
-
+  $auth->updateSession();
   uUtils::exitWithSuccess();
 
 ?>
\ No newline at end of file