Logut user after password change, Closes #1047

app/controllers/login_controller.rb

@@ -69,16 +69,7 @@ class LoginController < ApplicationController
   end
   
   def logout
-    @user.forget_me if logged_in?
-    cookies.delete :auth_token
-    session['user_id'] = nil
-    if ( SITE_CONFIG['authentication_schemes'].include? 'cas')  && session[:cas_user]
-      CASClient::Frameworks::Rails::Filter.logout(self)
-    else
-      reset_session
-      notify :notice, t('login.logged_out')
-      redirect_to_login
-    end
+    logout_user
   end
 
   def expire_session
@@ -149,13 +140,6 @@ class LoginController < ApplicationController
   
   private
       
-  def redirect_to_login
-    respond_to do |format|
-      format.html { redirect_to login_path }
-      format.m { redirect_to login_path(:format => 'm') }
-    end
-  end
-  
   def should_expire_sessions?
     session['noexpiry'] != "on"
   end

app/controllers/preferences_controller.rb

@@ -12,8 +12,11 @@ class PreferencesController < ApplicationController
     user_updated = current_user.update_attributes(params['user'])
     prefs_updated = current_user.preference.update_attributes(params['prefs'])
     if (user_updated && prefs_updated)
-      notify :notice, "Preferences updated"
-      redirect_to :action => 'index'
+      if !params['user']['password'].blank? # password updated?
+        logout_user t('preferences.password_changed')
+      else
+        preference_updated
+      end
     else
       msg = "Preferences could not be updated: "
       msg += "User model errors; " unless user_updated
@@ -28,4 +31,12 @@ class PreferencesController < ApplicationController
     render :text => l(Date.today, :format => format)
   end
 
+private
+
+  # Display notification if preferences are successful updated
+  def preference_updated
+    notify :notice, t('preferences.updated')
+    redirect_to :action => 'index'
+  end
+  
 end