Patch #25653 » 0002-Only-perform-login-action-on-explicit-POST.patch
app/controllers/account_controller.rb | ||
---|---|---|
34 | 34 | |
35 | 35 |
# Login request and validation |
36 | 36 |
def login |
37 |
if request.get? |
|
37 |
if request.post? |
|
38 |
authenticate_user |
|
39 |
else |
|
38 | 40 |
if User.current.logged? |
39 | 41 |
redirect_back_or_default home_url, :referer => true |
40 | 42 |
end |
41 |
else |
|
42 |
authenticate_user |
|
43 | 43 |
end |
44 | 44 |
rescue AuthSourceException => e |
45 | 45 |
logger.error "An error occurred when authenticating #{params[:username]}: #{e.message}" |
- « Previous
- 1
- 2
- Next »