From f9f0c644b11cbde27218f642db8663ffcf668fd9 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Thu, 20 Mar 2014 13:22:00 -0500
Subject: [PATCH] Cancel reset tokens on successful, interactive login

---
 include/class.auth.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/include/class.auth.php b/include/class.auth.php
index 74a4664b9..ccf352b9d 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -322,6 +322,9 @@ abstract class StaffAuthenticationBackend  extends AuthenticationBackend {
 
         Signal::send('auth.login.succeeded', $staff);
 
+        if ($bk->supportsAuthentication())
+            $staff->cancelResetTokens();
+
         return true;
     }
 
@@ -431,6 +434,9 @@ abstract class UserAuthenticationBackend  extends AuthenticationBackend {
                 $user->getUserName(), $user->getId(), $_SERVER['REMOTE_ADDR']);
         $ost->logDebug('User login', $msg);
 
+        if ($bk->supportsAuthentication() && ($acct=$user->getAccount()))
+            $acct->cancelResetTokens();
+
         return true;
     }
 
-- 
GitLab