]> cat aescling's git repositories - mastodon.git/commitdiff
Renew Rails session ID on successful registration
authorClaire <claire.github-309c@sitedethib.com>
Mon, 24 Jan 2022 20:52:45 +0000 (21:52 +0100)
committerClaire <claire.github-309c@sitedethib.com>
Mon, 24 Jan 2022 21:01:05 +0000 (22:01 +0100)
app/controllers/auth/registrations_controller.rb

index 3c9b38a4bf4757a86dec9362bbd2fb5c727970cd..0db9cb84d7e05d4fe9d06b825270e9725e31a18f 100644 (file)
@@ -141,6 +141,11 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
   def sign_up(resource_name, resource)
     clear_captcha!
+
+    old_session_values = session.to_hash
+    reset_session
+    session.update old_session_values.except('session_id')
+
     super
   end