| @@ -22,6 +22,14 class AccountController < ApplicationController | |||
|
|
22 | 22 | # prevents login action to be filtered by check_if_login_required application scope filter |
|
|
23 | 23 | skip_before_filter :check_if_login_required, :check_password_change |
|
|
24 | 24 | |
|
|
25 | # Overrides ApplicationController#verify_authenticity_token to disable | |
|
|
26 | # token verification on openid callbacks | |
|
|
27 | def verify_authenticity_token | |
|
|
28 | unless using_open_id? | |
|
|
29 | super | |
|
|
30 | end | |
|
|
31 | end | |
|
|
32 | ||
|
|
25 | 33 | # Login request and validation |
|
|
26 | 34 | def login |
|
|
27 | 35 | if request.get? |
| @@ -131,6 +131,16 class AccountControllerOpenidTest < ActionController::TestCase | |||
|
|
131 | 131 | assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user' |
|
|
132 | 132 | end |
|
|
133 | 133 | |
|
|
134 | def test_post_login_should_not_verify_token_when_using_open_id | |
|
|
135 | ActionController::Base.allow_forgery_protection = true | |
|
|
136 | AccountController.any_instance.stubs(:using_open_id?).returns(true) | |
|
|
137 | AccountController.any_instance.stubs(:authenticate_with_open_id).returns(true) | |
|
|
138 | post :login | |
|
|
139 | assert_response 200 | |
|
|
140 | ensure | |
|
|
141 | ActionController::Base.allow_forgery_protection = false | |
|
|
142 | end | |
|
|
143 | ||
|
|
134 | 144 | def test_register_after_login_failure_should_not_require_user_to_enter_a_password |
|
|
135 | 145 | Setting.self_registration = '3' |
|
|
136 | 146 | |
General Comments 0
You need to be logged in to leave comments.
Login now