feat: implement force logout notifications for password reset and account deletion

backend/api/auth_api.py

@@ -364,7 +364,7 @@ def reset_password():
     refresh_tokens_db.remove(TokenQuery.user_id == user.id)
 
     # Notify all active sessions (other tabs/devices) to sign out immediately
-    send_event_to_user(user.id, Event(EventType.FORCE_LOGOUT.value, Payload({})))
+    send_event_to_user(user.id, Event(EventType.FORCE_LOGOUT.value, Payload({'reason': 'password_reset'})))
 
     resp = jsonify({'message': 'Password has been reset'})
     _clear_auth_cookies(resp)

backend/api/user_api.py

@@ -9,6 +9,8 @@ import string
 import utils.email_sender as email_sender
 from datetime import datetime, timedelta, timezone
 from api.utils import get_validated_user_id, normalize_email, send_event_for_current_user
+from events.sse import send_event_to_user
+from events.types.payload import Payload
 from api.error_codes import ACCOUNT_MARKED_FOR_DELETION, ALREADY_MARKED
 from events.types.event_types import EventType
 from events.types.event import Event
@@ -242,5 +244,8 @@ def mark_for_deletion():
     
     # Trigger SSE event
     send_event_for_current_user(Event(EventType.USER_MARKED_FOR_DELETION.value, UserModified(user.id, UserModified.OPERATION_DELETE)))
-    
+
+    # Notify all other active sessions to sign out and go to landing page
+    send_event_to_user(user.id, Event(EventType.FORCE_LOGOUT.value, Payload({'reason': 'account_deleted'})))
+
     return jsonify({'success': True}), 200