3 files changed, 45 insertions, 0 deletions

diff --git a/include/sessions.hpp b/include/sessions.hpp
index 9795719b31..62700bec56 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -7,6 +7,7 @@
 
 #include <nlohmann/json.hpp>
 
+#include <algorithm>
 #include <csignal>
 #include <optional>
 #include <random>
@@ -323,6 +324,17 @@ class SessionStore
         return ret;
     }
 
+    void removeSessionsByUsername(std::string_view username)
+    {
+        std::erase_if(authTokens, [username](const auto& value) {
+            if (value.second == nullptr)
+            {
+                return false;
+            }
+            return value.second->username == username;
+        });
+    }
+
     void updateAuthMethodsConfig(const AuthConfigMethods& config)
     {
         bool isTLSchanged = (authMethodsConfig.tls != config.tls);
diff --git a/include/user_monitor.hpp b/include/user_monitor.hpp
new file mode 100644
index 0000000000..bd8ed24f31
--- /dev/null
+++ b/include/user_monitor.hpp
@@ -0,0 +1,30 @@
+#pragma once
+#include "dbus_singleton.hpp"
+#include "dbus_utility.hpp"
+#include "persistent_data.hpp"
+
+#include <sdbusplus/bus/match.hpp>
+#include <sdbusplus/message/types.hpp>
+
+namespace bmcweb
+{
+
+inline void onUserRemoved(sdbusplus::message::message& msg)
+{
+    sdbusplus::message::object_path p;
+    msg.read(p);
+    std::string username = p.filename();
+    persistent_data::SessionStore::getInstance().removeSessionsByUsername(
+        username);
+}
+
+inline void registerUserRemovedSignal()
+{
+    std::string userRemovedMatchStr =
+        sdbusplus::bus::match::rules::interfacesRemoved(
+            "/xyz/openbmc_project/user");
+
+    static sdbusplus::bus::match_t userRemovedMatch(
+        *crow::connections::systemBus, userRemovedMatchStr, onUserRemoved);
+}
+} // namespace bmcweb
diff --git a/src/webserver_main.cpp b/src/webserver_main.cpp
index 1dbeb061ae..8e3a6f4ca9 100644
--- a/src/webserver_main.cpp
+++ b/src/webserver_main.cpp
@@ -16,6 +16,7 @@
 #include "redfish_aggregator.hpp"
 #include "security_headers.hpp"
 #include "ssl_key_handler.hpp"
+#include "user_monitor.hpp"
 #include "vm_websocket.hpp"
 #include "webassets.hpp"
 
@@ -147,6 +148,8 @@ static int run()
     crow::hostname_monitor::registerHostnameSignal();
 #endif
 
+    bmcweb::registerUserRemovedSignal();
+
     app.run();
     io->run();