Kick other sessions when changing password (#13194)

* Kick other session when changing password
Invalidate other sessions when a user password gets changed

* Don't logout admin users when they change passwords.
Cleanup phpstan exceptions

* only restore user if needed

* comment odd behavior

* $current_user typehint

tests/AuthSSOTest.php

@@ -227,7 +227,6 @@ class AuthSSOTest extends DBTestCase
         $a = LegacyAuth::reset();
 
         $this->assertFalse($a->canUpdatePasswords());
-        $this->assertFalse($a->changePassword(null, null));
         $this->assertTrue($a->canManageUsers());
         $this->assertTrue($a->canUpdateUsers());
         $this->assertTrue($a->authIsExternal());