TD-3731: Invalidated Current User Session on Password Change.

LearningHub.Nhs.WebUI/Controllers/HomeController.cs

@@ -335,14 +335,19 @@ public IActionResult NhsSites()
         }
 
         /// <summary>
-        /// The Logout.
-        /// This is directly referenced in the LoginWizardFilter to allow
-        /// logouts to bypass LoginWizard redirects.
-        /// If the name is changed, the LoginWizardFilter MUST be updated.
+        /// The ChangePasswordAcknowledgement.
         /// </summary>
         /// <returns>The <see cref="IActionResult"/>.</returns>
-        [AllowAnonymous]
-        public IActionResult Logout()
+        public IActionResult ChangePasswordAcknowledgement()
+        {
+            return this.View();
+        }
+
+        /// <summary>
+        /// StatusUpdate.
+        /// </summary>
+        /// <returns>Actionresult.</returns>
+        public IActionResult UserLogout()
         {
             if (!(this.User?.Identity.IsAuthenticated ?? false))
             {
@@ -352,6 +357,20 @@ public IActionResult Logout()
             return new SignOutResult(new[] { CookieAuthenticationDefaults.AuthenticationScheme, "oidc" });
         }
 
+        /// <summary>
+        /// The Logout.
+        /// This is directly referenced in the LoginWizardFilter to allow
+        /// logouts to bypass LoginWizard redirects.
+        /// If the name is changed, the LoginWizardFilter MUST be updated.
+        /// </summary>
+        /// <returns>The <see cref="IActionResult"/>.</returns>
+        [AllowAnonymous]
+        public IActionResult Logout()
+        {
+            var redirectUri = $"{this.configuration["LearningHubAuthServiceConfig:Authority"]}/Home/SetIsPasswordUpdate?isLogout=true";
+            return this.Redirect(redirectUri);
+        }
+
         /// <summary>
         /// The SessionTimeout.
         /// </summary>

LearningHub.Nhs.WebUI/Controllers/MyAccountController.cs

@@ -21,10 +21,12 @@
     using Microsoft.AspNetCore.Hosting;
     using Microsoft.AspNetCore.Mvc;
     using Microsoft.AspNetCore.Routing;
+    using Microsoft.Extensions.Configuration;
     using Microsoft.Extensions.Logging;
     using Microsoft.Extensions.Options;
     using NHSUKViewComponents.Web.ViewModels;
     using ChangePasswordViewModel = LearningHub.Nhs.WebUI.Models.UserProfile.ChangePasswordViewModel;
+    using IConfiguration = Microsoft.Extensions.Configuration.IConfiguration;
 
     /// <summary>
     /// The UserController.
@@ -43,6 +45,7 @@ public partial class MyAccountController : BaseController
         private readonly ISpecialtyService specialtyService;
         private readonly ILocationService locationService;
         private readonly ICacheService cacheService;
+        private readonly IConfiguration configuration;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="MyAccountController"/> class.
@@ -61,6 +64,7 @@ public partial class MyAccountController : BaseController
         /// <param name="locationService">The locationService.</param>
         /// <param name="multiPageFormService">The multiPageFormService<see cref="IMultiPageFormService"/>.</param>
         /// <param name="cacheService">The cacheService<see cref="ICacheService"/>.</param>
+        /// <param name="configuration">The cacheService<see cref="IConfiguration"/>.</param>
         public MyAccountController(
                 IWebHostEnvironment hostingEnvironment,
                 ILogger<ResourceController> logger,
@@ -75,7 +79,8 @@ public MyAccountController(
                 ISpecialtyService specialtyService,
                 ILocationService locationService,
                 IMultiPageFormService multiPageFormService,
-                ICacheService cacheService)
+                ICacheService cacheService,
+                IConfiguration configuration)
                 : base(hostingEnvironment, httpClientFactory, logger, settings.Value)
         {
             this.userService = userService;
@@ -88,6 +93,7 @@ public MyAccountController(
             this.locationService = locationService;
             this.multiPageFormService = multiPageFormService;
             this.cacheService = cacheService;
+            this.configuration = configuration;
         }
 
         private string LoginWizardCacheKey => $"{this.CurrentUserId}:LoginWizard";
@@ -452,9 +458,8 @@ public async Task<IActionResult> UpdatePassword(ChangePasswordViewModel model)
             if (this.ModelState.IsValid)
             {
                 await this.userService.UpdatePassword(model.NewPassword);
-
-                this.ViewBag.SuccessMessage = CommonValidationErrorMessages.PasswordSuccessMessage;
-                return this.View("SuccessMessage");
+                var redirectUri = $"{this.configuration["LearningHubAuthServiceConfig:Authority"]}/Home/SetIsPasswordUpdate?isLogout=false";
+                return this.Redirect(redirectUri);
             }
             else
             {

LearningHub.Nhs.WebUI/Views/Home/ChangePasswordAcknowledgement.cshtml

@@ -0,0 +1,24 @@
+@{
+    ViewData["Title"] = "Change password Acknowledgement";
+}
+
+<div class="forgot-password">
+    <div class="nhsuk-width-container app-width-container">
+        <div class="nhsuk-grid-row">
+            <div class="nhsuk-grid-column-full nhsuk-u-padding-top-9">
+                <div class="nhsuk-u-reading-width">
+                    <h1 class="nhsuk-heading-xl"> Your password has been changed successfully.</h1>
+
+                    <p class="nhsuk-body">
+                        You have been logged out. Please log in using your username and new password to explore the Learning Hub.
+                    </p>
+                    <div class="nhsuk-u-padding-bottom-9">
+                        <form asp-controller="Home" asp-action="Index" method="post">
+                            <button class="nhsuk-button" id="save-button" type="submit">Continue to the Learning Hub</button>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>