diff --git a/src/controllers/accounts/session.js b/src/controllers/accounts/session.js
index 97529df09b..d8342d5560 100644
--- a/src/controllers/accounts/session.js
+++ b/src/controllers/accounts/session.js
@@ -15,7 +15,7 @@ sessionController.revoke = function(req, res, next) {
var _id;
async.waterfall([
- async.apply(db.getObjectField, 'sessionUUID:sessionId', req.params.uuid),
+ async.apply(db.getObjectField, 'uid:' + req.uid + ':sessionUUID:sessionId', req.params.uuid),
function(sessionId, next) {
if (!sessionId) {
return next(new Error('[[error:no-session-found]]'));
diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js
index cabb25b79d..1ffee1c896 100644
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@@ -197,7 +197,7 @@ function continueLogin(req, res, next) {
// Associate login session with user
user.auth.addSession(userData.uid, req.sessionID);
- db.setObjectField('sessionUUID:sessionId', uuid, req.sessionID);
+ db.setObjectField('uid:' + userData.uid + 'sessionUUID:sessionId', uuid, req.sessionID);
plugins.fireHook('action:user.loggedIn', userData.uid);
}
diff --git a/src/user/auth.js b/src/user/auth.js
index 567e4b2baa..2a6f0c7f54 100644
--- a/src/user/auth.js
+++ b/src/user/auth.js
@@ -89,7 +89,7 @@ module.exports = function(User) {
expired = !sessionObj || !sessionObj.hasOwnProperty('passport')
|| !sessionObj.passport.hasOwnProperty('user')
|| parseInt(sessionObj.passport.user, 10) !== parseInt(uid, 10);
-
+
if (expired) {
expiredSids.push(_sids[idx]);
}
@@ -121,7 +121,7 @@ module.exports = function(User) {
db.sessionStore.get(sessionId, function(err, sessionObj) {
async.parallel([
- async.apply(db.deleteObjectField, 'sessionUUID:sessionId', sessionObj.meta.uuid),
+ async.apply(db.deleteObjectField, 'uid:' + uid + ':sessionUUID:sessionId', sessionObj.meta.uuid),
async.apply(db.sortedSetRemove, 'uid:' + uid + ':sessions', sessionId),
async.apply(db.sessionStore.destroy.bind(db.sessionStore), sessionId)
], callback);