@@ -11,6 +11,7 @@ class SessionsController < ApplicationController logout_keeping_session! account = Account.authenticate(params[:login], params[:password]) if account + self.current_account = account # Protects against session fixation attacks, causes request forgery # protection if user resubmits an earlier form using back # button. Uncomment if you understand the tradeoffs. @@ -18,7 +19,6 @@ class SessionsController < ApplicationController new_cookie_flag = (params[:remember_me] == "1") handle_remember_cookie! new_cookie_flag - self.current_account = account respond_to do |format| format.html do redirect_back_or_default('/') app/controllers/sessions_controller.rb public/bin/Pomodo.swf public/bin/assets/background.png public/bin/assets/fonts/MyriadWebPro-Bold.ttf public/bin/assets/fonts/MyriadWebPro.ttf public/bin/assets/sync_light.swf public/bin/styles.css b99c6058e1484f8002d8f613550331a9ce7f6158 Dima Berastau dima.berastau@gmail.com http://github.com/dima/pomodo_on_rails/commit/877181bc980c5e6a00630f60f88b0f298a74d3a1 877181bc980c5e6a00630f60f88b0f298a74d3a1 2009-05-28T11:22:38-07:00 2009-05-28T11:22:38-07:00 Updated the session controller to move current_account setting higher up e75470b4f637c88b9fe10d2dc72db2a65743897e Dima Berastau dima.berastau@gmail.com