From 0364562273221647fdff082ea6e31ad376b4b8de Mon Sep 17 00:00:00 2001 From: benni Date: Sun, 30 Dec 2012 16:34:01 +0100 Subject: [PATCH] Fixed return_to when authorization gets lost. --- app/controllers/application_controller.rb | 4 ++-- app/controllers/sessions_controller.rb | 8 +++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 5328b0e1..29b752a0 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -22,7 +22,7 @@ class ApplicationController < ActionController::Base helper_method :current_user def deny_access - self.return_to = request.original_url + session[:return_to] = request.original_url redirect_to login_url, :alert => 'Access denied!' end @@ -33,7 +33,7 @@ class ApplicationController < ActionController::Base if !current_user # No user at all: redirect to login page. session[:user_id] = nil - session['return_to'] = request.fullpath + session[:return_to] = request.original_url redirect_to login_url, :alert => 'Authentication required!' else # We have an authenticated user, now check role... diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 6cb238d1..d602a206 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -11,7 +11,13 @@ class SessionsController < ApplicationController if user session[:user_id] = user.id session[:scope] = FoodsoftConfig.scope # Save scope in session to not allow switching between foodcoops with one account - redirect_to session['return_to'] || root_url, :notice => "Logged in!" + if session[:return_to].present? + redirect_to_url = session[:return_to] + session[:return_to] = nil + else + redirect_to_url = root_url + end + redirect_to redirect_to_url, :notice => "Logged in!" else flash.now.alert = "Invalid email or password" render "new"