From 3dd74fc703031053c947474da020b88508cfb355 Mon Sep 17 00:00:00 2001
From: MingxuanGame <MingxuanGame@outlook.com>
Date: Wed, 8 Oct 2025 05:20:05 +0000
Subject: [PATCH] fix(password): fix transaction has begun

---
 app/router/private/password.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/app/router/private/password.py b/app/router/private/password.py
index 376b8f7..5e960d3 100644
--- a/app/router/private/password.py
+++ b/app/router/private/password.py
@@ -44,10 +44,10 @@ async def change_password(
     if errors := validate_password(new_password):
         raise HTTPException(status_code=400, detail="; ".join(errors))
 
-    async with session.begin():
-        current_user.pw_bcrypt = get_password_hash(new_password)
+    current_user.pw_bcrypt = get_password_hash(new_password)
 
-        await session.execute(delete(TrustedDevice).where(col(TrustedDevice.user_id) == current_user.id))
-        await session.execute(delete(LoginSession).where(col(LoginSession.user_id) == current_user.id))
-        await session.execute(delete(OAuthToken).where(col(OAuthToken.user_id) == current_user.id))
-        logger.info(f"User {current_user.id} changed password and sessions revoked")
+    await session.execute(delete(TrustedDevice).where(col(TrustedDevice.user_id) == current_user.id))
+    await session.execute(delete(LoginSession).where(col(LoginSession.user_id) == current_user.id))
+    await session.execute(delete(OAuthToken).where(col(OAuthToken.user_id) == current_user.id))
+    logger.info(f"User {current_user.id} changed password and sessions revoked")
+    await session.commit()