use write_secure_token() to store authentication token

ministryofjustice · Jan 22, 2014 · c8d3e1f · c8d3e1f
1 parent edc1fde
commit c8d3e1f
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,6 +1,6 @@
 GIT
   remote: git://github.com/ministryofjustice/author.git
-  revision: 1b944e6bd5379712ce8c0dd58b3cd4a4d4af23d1
+  revision: 2d8113059a3f9dea9f03a2bcf1ce89d9e3158191
   branch: controller_mixin
   specs:
     author (1.2)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -6,9 +6,10 @@ def login_screen
 
   def create_session
     author = Author::Proxy.new(Rails.application.config.auth_client)
+
     begin
       if(author.login(params[:email], params[:password]))
-        session[:secret_token] = author.session
+        write_secure_token author.session
       else
         flash_alert "Authentication failed."
       end
@@ -21,6 +22,6 @@ def create_session
 
   def logout
     reset_session
-    redirect_to controller: 'users', action: 'login_screen' 
+    redirect_to controller: 'users', action: 'login_screen'
   end
-end
+end