Is there any way to invalidate all other user sessions when the user does a password reset in drupal 7? I have searched for this and so far I can only found the following resource.
https://www.drupal.org/node/2294061
Any help will be really appreciated :). Thanks in advance.
As far as I know, what you want is already implemented in Drupal 7.
I've tested this on a fresh Drupal 7 install and changing the password in one browser kills all sessions for the same user in other browsers.
You can refer to the relevant source code from line 544 to 599 in this file: https://git.drupalcode.org/project/drupal/blob/7.x/modules/user/user.module
// If the password changed, delete all open sessions and recreate // the current one. if ($account->pass != $account->original->pass) { drupal_session_destroy_uid($account->uid); if ($account->uid == $GLOBALS['user']->uid) { drupal_session_regenerate(); } }