mod_tokenauth: Invalidate tokens issued before most recent password change
This is a security improvement, to ensure that sessions authenticated using a
token (note: not currently possible in stock Prosody) are invalidated just
like password-authenticated sessions are.
Thanks for your interest in contributing to the project!
There are many ways to contribute, such as helping improve the
documentation, reporting bugs, spreading the word or testing the latest
development version.
You can find more information on how to contribute at <https://prosody.im/doc/contributing>
See also the HACKERS and README files.