kolan/Redmine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Do not autologin if more that one token is found (#3351).

Browse Source 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2742 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2009-05-13 16:56:31 +00:00
parent f5eb1be268
commit b87753c90d
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app/models/user.rb
View File

@ -128,10 +128,14 @@ class User < ActiveRecord::Base
# Returns the user who matches the given autologin +key+ or nil # Returns the user who matches the given autologin +key+ or nil
def self.try_to_autologin(key) def self.try_to_autologin(key)
token = Token.find_by_action_and_value('autologin', key) tokens = Token.find_all_by_action_and_value('autologin', key)
if token && (token.created_on > Setting.autologin.to_i.day.ago) && token.user && token.user.active? # Make sure there's only 1 token that matches the key
token.user.update_attribute(:last_login_on, Time.now) if tokens.size == 1
token.user token = tokens.first
if (token.created_on > Setting.autologin.to_i.day.ago) && token.user && token.user.active?
token.user.update_attribute(:last_login_on, Time.now)
token.user
end
end end
end end