Invalidate a cookie on password change

I use cookies to manage user sessions in my Rails app. I recently found that when a user changes the password, the cookie does not get invalidated as expected. As you realize, this could be a great threat to security. How should I handle this problem? I want to expire or invalidate a cookie once the user changes the password. How do I do this in Rails. Thanks.

Are you using a plugin or gem (if so which one) for authentication or did you roll your own? How are you setting the cookie in the first place? Depending on what your current setup is, a simple solution would be to invalidate the cookie in your user update controller method if a new password is being provided.