issue#400: update session hash after password change

Author: virgilio

accounts/views.py

@@ -19,6 +19,7 @@
 
 from core.permissions import IsAdmin
 
+from django.contrib.auth import update_session_auth_hash
 
 class ProfileEditView(LoginRequiredMixin, UpdateView):
     model = get_user_model()
@@ -35,6 +36,12 @@ def get_success_url(self):
     def get_object(self):
         return self.request.user
 
+    def post(self, request, *args, **kwargs):
+        form_result = super(ProfileEditView, self)\
+            .post(request, *args, **kwargs)
+        update_session_auth_hash(self.request, self.request.user)
+        return form_result
+
 
 class ProfileView(LoginRequiredMixin, DetailView):
     model = get_user_model()