diff --git a/lib/load_gen/activities/reset_pass.js b/lib/load_gen/activities/reset_pass.js
index 45dca0cf569f72cda52afc03455d744f0f5eb726..29d4a484620bb3b8ec4be104c52e58f7d2287296 100644
--- a/lib/load_gen/activities/reset_pass.js
+++ b/lib/load_gen/activities/reset_pass.js
@@ -71,12 +71,17 @@ exports.startFunc = function(cfg, cb) {
 };
 })();
+ // if we did not split a user, we are going to change the user's uid
+ // out from under them. this means we should clear all authenticated
+ // sessions, lest they remain authenticated as the old uid.
+ if (!newUser) userdb.clearContexts(user);
+ // now everything is identical to the signup flow
 // pick a device context at random
 var context = userdb.any(user.ctxs);
 // pick an email address to operate on (there should really be
- // only one at this point
+ // only one at this point)
 var email = userdb.any(user.emails);
 var origin = userdb.any(user.sites);
diff --git a/lib/load_gen/user_db.js b/lib/load_gen/user_db.js
index 241b53119289106a1d0beafa2d18223b73775266..7368355a0c7620f85af54e564be9ffee8ad0c18f 100644
--- a/lib/load_gen/user_db.js
+++ b/lib/load_gen/user_db.js
@@ -78,7 +78,6 @@ exports.getNewUser = function(email, password) {
 // key material is device specific
 ctxs: [ {
- // and no public keys (XXX: beware the cometh of certs)
 keys: { } },
@@ -91,6 +90,10 @@ exports.getNewUser = function(email, password) {
 return user;
 };
+exports.clearContexts = function(user) {
+ user.ctxs = [ { keys: { } }, { keys: { } } ];
+};
+
 exports.addNewUser = function(user) {
 delete user.locked;
 users.push(user);
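Review bot: The added `if (!newUser) userdb.clearContexts(user);` only discards the load generator's own record of the user's contexts, so nothing here checks that the server stops honouring the old sessions once the reset completes; a regression in server-side session invalidation would go unnoticed by this activity. If that check is out of scope, a comment saying so would help, e.g. `// local bookkeeping only: server-side invalidation of old sessions is not verified here`. `newUser` is assigned outside this hunk and `startFunc` continues past it, so the meaning of the flag is inferred from the comment. The unbraced `if` would also be safer to extend as `if (!newUser) { userdb.clearContexts(user); }`.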
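Review bot: `clearContexts` hard-codes `[ { keys: { } }, { keys: { } } ]`, which appears to duplicate the `ctxs` literal built in `getNewUser` (only partly visible in the previous hunk), so the two can drift apart if a context ever gains another field. A shared helper such as `function freshContexts() { return [ { keys: { } }, { keys: { } } ]; }` used by both would keep them aligned. The new export also has no comment; something like `// replace every device context with an empty one; key material is discarded along with anything else stored on the context` would record that keys are dropped too, which is presumably intended since they belong to the old uid.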
@@ -119,11 +122,10 @@ exports.splitUser = function(user) {
 if (user.emails.length == 1) {
 throw "you can't split a user with only one email";
 } else {
- var newuser = exports.getNewUser();
 // When splitting an account, always split off the *last* email.
 // The *first* email may be associated with a pre-created account.
 // see issue #681
- newuser.emails[0] = user.emails.pop();
+ var newuser = exports.getNewUser(user.emails.pop());
 return newuser;
 }
 };
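Review bot: `exports.getNewUser(user.emails.pop())` passes only the email, while the hunk header for `getNewUser` earlier in this file shows the signature `function(email, password)`, so `password` is `undefined` inside it unless the body supplies a default, which is not visible here. The removed code also called it with no arguments, so this may be intended, but a comment such as `// password left unset on purpose; the caller assigns one` (if that is the case) would make it explicit. Separately, the mutation of `user.emails` is now hidden inside an argument expression; `var email = user.emails.pop();` followed by `var newuser = exports.getNewUser(email);` keeps the side effect visible next to the comment that explains why the last email is taken.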