Audit changes.

hub/handlers.go

@@ -16,7 +16,7 @@ import (
 )
 
 func (a *App) _root(s *api.Session, w http.ResponseWriter, r *http.Request) error {
-	if s.SignedIn {
+	if s.SessionID != "" {
 		return a.redirect(w, r, "/admin/network/list/")
 	} else {
 		return a.redirect(w, r, "/sign-in/")
@@ -269,6 +269,9 @@ func (a *App) _adminPasswordSubmit(s *api.Session, w http.ResponseWriter, r *htt
 		return err
 	}
 
+	*s = a.api.Session_InvalidateAll()
+	a.setCookie(w, sessionIDCookieName, s.SessionID)
+
 	return a.redirect(w, r, "/admin/network/list/")
 }