diff --git a/r2/r2/controllers/api.py b/r2/r2/controllers/api.py
index 808aeda32..c65ca6663 100644
--- a/r2/r2/controllers/api.py
+++ b/r2/r2/controllers/api.py
@@ -590,6 +590,25 @@ class ApiController(RedditController):
c.user.add_friend_note(friend, note)
form.set_html('.status', _("saved"))
+ @validatedForm(VUser('curpass', default=''),
+ VModhash(),
+ password = VPassword(['curpass', 'curpass']),
+ dest = VDestination())
+ def POST_clear_sessions(self, form, jquery, password, dest):
+ """Clear all session cookies and update the current one."""
+ # password is required to proceed
+ if form.has_errors("curpass", errors.WRONG_PASSWORD):
+ return
+
+ form.set_html('.status',
+ _('all other sessions have been logged out'))
+ form.set_inputs(curpass = "")
+ # run the change password command to get a new salt
+ change_password(c.user, password)
+ # the password salt has changed, so the user's cookie has been
+ # invalidated. drop a new cookie.
+ self.login(c.user)
+
@validatedForm(VUser('curpass', default = ''),
VModhash(),
email = ValidEmails("email", num = 1),
diff --git a/r2/r2/templates/useriphistory.html b/r2/r2/templates/useriphistory.html
index 5fed1c4ed..2d84ac27f 100644
--- a/r2/r2/templates/useriphistory.html
+++ b/r2/r2/templates/useriphistory.html
@@ -20,7 +20,9 @@
## CondeNet, Inc. All Rights Reserved.
################################################################################
-<%namespace file="utils.html" import="timestamp"/>
+<%namespace file="utils.html" import="error_field, timestamp"/>
+<%namespace name="utils" file="utils.html"/>
+
<%
from r2.lib.strings import strings
ip_format = {'address': request.ip}
@@ -53,3 +55,20 @@
+
+
+${_("Log out of all other sessions")}
+
+