From: Claire <claire.github-309c@sitedethib.com>
Date: Mon, 24 Jan 2022 20:52:45 +0000 (+0100)
Subject: Renew Rails session ID on successful registration
X-Git-Url: https://git.xn--scling-oua.cat.family/?a=commitdiff_plain;h=6a2f248fe4ed59f512dd318a006209fb7b71aa7e;p=mastodon.git

Renew Rails session ID on successful registration
---

diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb
index 3c9b38a4b..0db9cb84d 100644
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -141,6 +141,11 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
   def sign_up(resource_name, resource)
     clear_captcha!
+
+    old_session_values = session.to_hash
+    reset_session
+    session.update old_session_values.except('session_id')
+
     super
   end