author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-04-04 17:15:07 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-04-04 17:15:07 +0000 |
commit | b9ee00a8c8ba2fe2b32eb33d299d4764ebc2968b (patch) | |
tree | b6dbfdb5379e2aec1ab06be75d5ad77f94873bfa /app/controllers | |
parent | 5c7aaa4d1eed86e0a3e687ab4a2263b00a68d611 (diff) | |
Adds methods to User model to handle tokens.
git-svn-id: http://svn.redmine.org/redmine/trunk@16474 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/account_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/application_controller.rb | 7 |
2 files changed, 6 insertions, 5 deletions
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 6bd7e02f5..842df6045 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -280,13 +280,13 @@ class AccountController < ApplicationController
 end
 def set_autologin_cookie(user)
- token = Token.create(:user => user, :action => 'autologin')
+ token = user.generate_autologin_token
 secure = Redmine::Configuration['autologin_cookie_secure']
 if secure.nil?
 secure = request.ssl?
 end
 cookie_options = {
- :value => token.value,
+ :value => token,
 :expires => 1.year.from_now,
 :path => (Redmine::Configuration['autologin_cookie_path'] || RedmineApp::Application.config.relative_url_root || '/'),
 :secure => secure,
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d3f549e46..f7bc95a7d 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -168,9 +168,10 @@ class ApplicationController < ActionController::Base
 # Logs out current user
 def logout_user
 if User.current.logged?
- cookies.delete(autologin_cookie_name)
- Token.where(["user_id = ? AND action = ?", User.current.id, 'autologin']).delete_all
- Token.where(["user_id = ? AND action = ? AND value = ?", User.current.id, 'session', session[:tk]]).delete_all
+ if autologin = cookies.delete(autologin_cookie_name)
+ User.current.delete_autologin_token(autologin)
+ end
+ User.current.delete_session_token(session[:tk])
 self.logged_user = nil
 end
 end
|
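Review bot: In `set_autologin_cookie` (account_controller.rb), `token` now holds whatever `user.generate_autologin_token` returns and goes straight into `:value`, so the cookie depends on that method returning the raw token string and never nil; the model side is not part of this controller-only diff. A one-line comment at the call would pin that contract, e.g. `# returns the raw autologin token value (a bearer credential for the cookie's 1-year lifetime); never log it`. The `cookie_options` hash continues past the end of the hunk, so whether `:httponly` is set cannot be confirmed from here.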
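Review bot: In `logout_user` (application_controller.rb), logout now revokes only the autologin token whose value arrives in this browser's cookie, whereas the removed lines deleted every autologin token of the user; when the cookie is absent from the request, no autologin token is deleted at all. If per-device logout is intended, state it above the branch, e.g. `# Only this browser's autologin token is revoked; tokens issued to other devices stay valid`, and confirm that another path (password change, account lock) still revokes all of them, which this diff does not show. `session[:tk]` may be nil here, so `delete_session_token` should treat nil as a no-op rather than match on it; its body is outside this diff. The assignment in the condition reads more clearly as `if (autologin = cookies.delete(autologin_cookie_name))`.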