Commit 0948f85e authored by's avatar
Browse files

gracefully handle old csrf tokens

parent 2ec82f66
......@@ -7,6 +7,16 @@ class ApplicationController < ActionController::Base
before_action :set_locale
def handle_unverified_request
# TODO. We reset the user session on logout and failed logins. This causes
# the csrf token to change. Thus with two tabs open, the second tab will
# have an invalid csrf after loging out in the first tab. We might be able
# to do something fancy here, e.g. we could preserve _csrf_token in
# reset_user_session (if we convince ourselves that this is a good idea).
# For now we just redirect back to the login...
redirect_to login_path
def available_locales
[:de, :en, :fr, :es, :it]
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment