diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2009-06-06 10:20:27 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2009-06-06 10:20:27 +0000 |
| commit | 9c282842a933e30a40053c72cf5add2ddf2af901 (patch) | |
| tree | eaea77d8da56c67390b4aa9104893f3d3a4c3282 /app | |
| parent | 6da0542af48be717378e3885bf8278cc773be6f2 (diff) | |
| download | redmine-9c282842a933e30a40053c72cf5add2ddf2af901.tar.gz redmine-9c282842a933e30a40053c72cf5add2ddf2af901.zip | |
Do not start user session when accessing atom feed with token-based authentication.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2779 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/application.rb | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/app/controllers/application.rb b/app/controllers/application.rb index fcf83c92a..6d6338ffa 100644 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -42,19 +42,22 @@ class ApplicationController < ActionController::Base # Check the settings cache for each request Setting.check_cache # Find the current user - self.logged_user = find_current_user + User.current = find_current_user end # Returns the current user or nil if no user is logged in + # and starts a session if needed def find_current_user if session[:user_id] # existing session (User.active.find(session[:user_id]) rescue nil) elsif cookies[:autologin] && Setting.autologin? - # auto-login feature - User.try_to_autologin(cookies[:autologin]) - elsif params[:key] && accept_key_auth_actions.include?(params[:action]) - # RSS key authentication + # auto-login feature starts a new session + user = User.try_to_autologin(cookies[:autologin]) + session[:user_id] = user.id if user + user + elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action]) + # RSS key authentication does not start a session User.find_by_rss_key(params[:key]) end end |