mirror of
https://github.com/discourse/discourse.git
synced 2025-02-25 18:55:32 -06:00
we need to be able to do username checks for registration to work
This commit is contained in:
Sam
parent
74502172f3
commit
2dfba8d6de
@ -1,6 +1,5 @@
|
|||||||
class SessionController < ApplicationController
|
class SessionController < ApplicationController
|
||||||
|
# we need to allow account login with bad CSRF tokens, if people are caching, the CSRF token on the
|
||||||
# we need to allow account login with bad CSRF tokens, if people are caching, the CSRF token on the
|
|
||||||
# page is going to be empty, this means that server will see an invalid CSRF and blow the session
|
# page is going to be empty, this means that server will see an invalid CSRF and blow the session
|
||||||
# once that happens you can't log in with social
|
# once that happens you can't log in with social
|
||||||
skip_before_filter :verify_authenticity_token, only: [:create]
|
skip_before_filter :verify_authenticity_token, only: [:create]
|
||||||
|
|||||||
@ -11,7 +11,7 @@ class UsersController < ApplicationController
|
|||||||
# we need to allow account creation with bad CSRF tokens, if people are caching, the CSRF token on the
|
# we need to allow account creation with bad CSRF tokens, if people are caching, the CSRF token on the
|
||||||
# page is going to be empty, this means that server will see an invalid CSRF and blow the session
|
# page is going to be empty, this means that server will see an invalid CSRF and blow the session
|
||||||
# once that happens you can't log in with social
|
# once that happens you can't log in with social
|
||||||
skip_before_filter :verify_authenticity_token, only: [:create]
|
skip_before_filter :verify_authenticity_token, only: [:create, :check_username]
|
||||||
|
|
||||||
def show
|
def show
|
||||||
@user = fetch_user_from_params
|
@user = fetch_user_from_params
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user