Skip to content
Snippets Groups Projects
Unverified Commit 86ba280d authored by Jesus Federico's avatar Jesus Federico Committed by GitHub
Browse files

CVE-2015-9284: follow-up for restoring single authentication method and LDAP (#3376)

* CVE-2015-9284: follow-up for resotoring single authentication method and ldap

* CVE-2015-9284: follow-up for resotoring ldap
parent 6ba1faeb
No related branches found
No related tags found
No related merge requests found
......@@ -40,6 +40,7 @@ gem 'random_password', '~> 0.1.1'
gem "recaptcha", '~> 5.7.0'
gem 'redcarpet', '~> 3.5.1'
gem 'remote_syslog_logger', '~> 1.0.4'
gem 'repost', '~> 0.3.8'
gem 'rubocop', '~> 1.10.0'
gem 'sassc-rails', '~> 2.1.2'
gem 'sprockets', '~> 3.7.2'
......
......@@ -341,6 +341,7 @@ GEM
regexp_parser (2.1.1)
remote_syslog_logger (1.0.4)
syslog_protocol
repost (0.3.8)
representable (3.0.4)
declarative (< 0.1.0)
declarative-option (< 0.2.0)
......@@ -508,6 +509,7 @@ DEPENDENCIES
redcarpet (~> 3.5.1)
redis (~> 4.2.5)
remote_syslog_logger (~> 1.0.4)
repost (~> 0.3.8)
rspec-rails (~> 3.7)
rubocop (~> 1.10.0)
sassc-rails (~> 2.1.2)
......
......@@ -39,7 +39,7 @@ class SessionsController < ApplicationController
"#{Rails.configuration.relative_url_root}/auth/#{@providers.first}"
end
redirect_to provider_path
redirect_post(provider_path, options: { authenticity_token: :auto })
end
end
......
......@@ -28,7 +28,7 @@ Rails.application.routes.draw do
get '/signin', to: 'sessions#signin', as: :signin
get '/signup', to: 'sessions#new', as: :signup
post '/signup', to: 'users#create', as: :create_user
get '/ldap_signin', to: 'sessions#ldap_signin', as: :ldap_signin
match '/ldap_signin', to: 'sessions#ldap_signin', as: :ldap_signin, via: [:get, :post]
# Redirect to terms page
match '/terms', to: 'users#terms', via: [:get, :post]
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment