How to log out a user after their password has been changed?

S

Sergey Khlopov2021-02-23 13:19:15

Laravel

Sergey Khlopov, 2021-02-23 13:19:15

Hello, tell me please. I am now implementing the possibility that the administrator could change the user's password. When the administrator changed the user's password, it is necessary that the user be thrown out of the system, and then he re-logged in with a new password.
To do this, I added the logout field in the users table, by default this field is false, but when the user's password has changed, it is true. And in Middleware Authenticate.php I do the following check:

$user = Auth::user();
        if($user) {
            if($user->logout) {
                $user->logout = false;
                $user->save();
                Auth::logout();
                return redirect('/');
            }
        }

But the problem is that if the user was not authorized at the moment when his password was changed, and tries to log in with a new password, then he immediately throws it out, as a result, you have to log in right away. Can you please tell me the best way to implement this? Thank you in advance for your response