Invalidate user session on password reset #45139
Conversation
|
Just a static check failure :) |
There was a problem hiding this comment.
@shubhamraj-git nice work on the PR. Could you please change the PR title to something better, like "Invalidate a session on password change"?
shubhamraj-git
force-pushed
the
session_expire_from_cli
branch
from
9e2b387 to
86dd8de
Compare
potiuk
added
the
backport-to-v2-10-test
potiuk
removed
the
backport-to-v2-10-test
|
This is provider-only change - so we do not need to backport it. |
shubhamraj-git
changed the title
Not so simple. It was decided that fab provider next release is breaking change and compatible with Airflow 3 only. to release this change to fab provider that is compatible with Airflow 2.9 we need to create a branch from fab tag 1.5.1 and follow on: |
Indeed. First time!. So wiil simply need to create a branch from FAB and use cherry-picker to cherry-pick it there after merging. Probably manual |
…e#45139) * session expire on pass change * fix statis checks * add tests (cherry picked from commit cf401c4) Co-authored-by: Shubham Raj <[email protected]>
Session expire on pass change
The key difference is automatic transaction handling in the UI vs the manual control required in CLI operations. In the CLI, it does not automatically commit the session unless you explicitly tell it to, while the UI framework does this at the end of a successful request. So, session.commit() is added.
^ Add meaningful description above
Read the Pull Request Guidelines for more information.
In case of fundamental code changes, an Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in a newsfragment file, named
{pr_number}.significant.rstor{issue_number}.significant.rst, in newsfragments.