🍒 [PM-27902] Logout user after successful master password reset (#6137)

app/src/main/kotlin/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt

@@ -1023,12 +1023,6 @@ class AuthRepositoryImpl(
             }
             .fold(
                 onSuccess = {
-                    // Clear the password reset reason, since it's no longer relevant.
-                    storeUserResetPasswordReason(
-                        userId = activeAccount.profile.userId,
-                        reason = null,
-                    )
-
                     // Update the saved master password hash.
                     authSdkSource
                         .hashPassword(
@@ -1044,6 +1038,10 @@ class AuthRepositoryImpl(
                             )
                         }
 
+                    // Log out the user after successful password reset.
+                    // This clears all user state including forcePasswordResetReason.
+                    logout(reason = LogoutReason.PasswordReset)
+
                     // Return the success.
                     ResetPasswordResult.Success
                 },

app/src/main/kotlin/com/x8bit/bitwarden/data/auth/repository/model/LogoutReason.kt

@@ -66,6 +66,11 @@ sealed class LogoutReason {
      */
     data object Notification : LogoutReason()
 
+    /**
+     * Indicates that the logout is happening because the user reset their master password.
+     */
+    data object PasswordReset : LogoutReason()
+
     /**
      * Indicates that the logout is happening because the sync security stamp was invalidated.
      */

app/src/test/kotlin/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryTest.kt

@@ -5073,6 +5073,12 @@ class AuthRepositoryTest {
             userId = USER_ID_1,
             passwordHash = newPasswordHash,
         )
+        verify {
+            userLogoutManager.logout(
+                userId = ACCOUNT_1.profile.userId,
+                reason = LogoutReason.PasswordReset,
+            )
+        }
     }
 
     @Test