summaryrefslogtreecommitdiff
path: root/app/controllers/sessions_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/sessions_controller.rb')
-rw-r--r--app/controllers/sessions_controller.rb4
1 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index e115b35..64bf951 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -13,13 +13,15 @@ class SessionsController < ApplicationController
13 logout_keeping_session! 13 logout_keeping_session!
14 user = User.authenticate(params[:login], params[:password]) 14 user = User.authenticate(params[:login], params[:password])
15 if user 15 if user
16 return_to = session[:return_to]
17
16 # Protects against session fixation attacks, causes request forgery 18 # Protects against session fixation attacks, causes request forgery
17 # protection if user resubmits an earlier form using back 19 # protection if user resubmits an earlier form using back
18 # button. Uncomment if you understand the tradeoffs. 20 # button. Uncomment if you understand the tradeoffs.
19 reset_session 21 reset_session
20 22
21 self.current_user = user 23 self.current_user = user
22 redirect_back_or_default('/de/admin') # TODO: insert appropriate path to cms main page 24 redirect_to safe_return_to(return_to, :default => admin_path)
23 flash[:notice] = "Logged in successfully" 25 flash[:notice] = "Logged in successfully"
24 else 26 else
25 note_failed_signin 27 note_failed_signin