Merge branch 'master' into feature/limit_user_leak

Conflicts: users/lib/warden/strategies/secure_remote_password.rb
author: Azul <azul@leap.se> 2013-03-05 13:35:05 +0100
committer: Azul <azul@leap.se> 2013-03-05 13:35:05 +0100
commit: 27c16ccceffa1d8eaaf02612cf29a60bfe6ced01 (patch)
tree: 1df9d9900872cf2e97d5c27b4175816eff5cbf80 /users/app/controllers
parent: 733426aa3992dafaf1c58ede7e74018057a01148 (diff)
parent: 87c306ea212c01ecc8f98009def5971fc4d5af11 (diff)
2 files changed, 9 insertions, 3 deletions
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 0345fbd..01ecff6 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -1,7 +1,5 @@
 class SessionsController < ApplicationController
 
-  skip_before_filter :verify_authenticity_token
-
   def new
     @session = Session.new
     if authentication_errors
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index 27d10fb..0551ca9 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -18,12 +18,20 @@ module V1
 
     def update
       authenticate!
-      render :json => session.delete(:handshake)
+      render :json => login_response
     end
 
     def destroy
       logout
       redirect_to root_path
     end
+
+    protected
+
+    def login_response
+      handshake = session.delete(:handshake)
+      handshake.to_hash.merge(:id => current_user.id)
+    end
+
   end
 end
author	Azul <azul@leap.se>	2013-03-05 13:35:05 +0100
committer	Azul <azul@leap.se>	2013-03-05 13:35:05 +0100
commit	27c16ccceffa1d8eaaf02612cf29a60bfe6ced01 (patch)
tree	1df9d9900872cf2e97d5c27b4175816eff5cbf80 /users/app/controllers
parent	733426aa3992dafaf1c58ede7e74018057a01148 (diff)
parent	87c306ea212c01ecc8f98009def5971fc4d5af11 (diff)