Changesets can be listed by changeset number.
The Git repository is here.
Changeset 481
Add support for return-to URL by explicit session key and
make sure that white space in e-mail addresses is stripped.
- Comitted by: rool
- Date: Sunday May 08 22:51:59 2022 (over 2 years ago)
Affected files:
rool/rails/hub/trunk/app/controllers/account_controller.rb:
prev. | current | |
# The "proper" login method | ||
# | ||
def login | ||
53 | | |
53 | @title = 'Log in' | |
54 | return_to_url = hubssolib_get_return_to() || session[:return_to_url] | |
56 | session.delete(:return_to_url) | |
57 | ||
# GET methods just show the login screen. We dump all known application | ||
# cookies at this point, since they can be stale and logins might not be | ||
# recognised within those applications otherwise. | ||
... | ... | |
cookies.delete( 'gulleryapp_session_id' ) | ||
cookies.delete( 'collaboaapp_session_id' ) | ||
cookies.delete( 'rcvswebapp_session_id' ) | ||
71 | cookies.delete( 'hubapp_shared_id' ) | |
72 | cookies.delete( '_hub_session' ) | |
74 | session[:return_to_url] = return_to_url | |
return | ||
end | ||
@email = params[:email] | ||
79 | @email = @email.strip() if @email.present? | |
80 | ||
self.hubssolib_current_user = from_real_user(User.authenticate(@email, params[:password])) | ||
if (self.hubssolib_current_user and self.hubssolib_current_user != :false) | ||
... | ... | |
"You have #{privileges} privileges." | ||
) | ||
85 | | |
93 | if return_to_url.present? | |
94 | redirect_to(return_to_url) | |
95 | else | |
96 | redirect_to(:controller => 'tasks', :action => nil) | |
97 | end | |
98 | ||
else | ||
hubssolib_set_flash(:alert, 'Incorrect e-mail address or password.') | ||
101 | ||
end | ||
end | ||
... | ... | |
# contains nothing that won't be overwritten anyway or isn't already | ||
# protected by attr_accessible in the User model. | ||
108 | | |
122 | @user = User.new(params[:user]) | |
123 | @user.email = @user.email.strip() if @user.email.present? | |
if ( @user.email.downcase.ends_with?( '.kr' ) || @user.email.downcase.ends_with?( '.cn' ) ) | ||
hubssolib_set_flash(:attention, 'Due to overwhelming spam volumes from some locations, self-signups for those locations are blocked. Please contact ROOL for assistence.') |