I have a password reset form where the user also gets a new auth_key for his cookie revalidation.
How should I delete the old cookie and write a new identity cookie when I change the auth_key?
Is using Yii::$app->user->switchIdentity($user) and providing the same user identity again the right way?
Looks like after resetting the password you may need to re-login the user based on newly generated token or may use manually $user->login(yii\web\IdentityInterface $identity, $duration = 0) then you will get the newly generated auth_key from switchIdentity($user) and set into cookie.
