From 653f92e6ac5c0b61e8113665735d929426deb714 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Thu, 20 Apr 2017 15:59:18 +0200
Subject: fix: set token in forms correctly

We now use the hash of the token for comparison and as the id.
In order to use it you need the original token though. So forms and
thus the session should have token.to_s rather than token.id.
---
 app/controllers/api/sessions_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/controllers/api/sessions_controller.rb')

diff --git a/app/controllers/api/sessions_controller.rb b/app/controllers/api/sessions_controller.rb
index 178f86e..3883115 100644
--- a/app/controllers/api/sessions_controller.rb
+++ b/app/controllers/api/sessions_controller.rb
@@ -25,7 +25,7 @@ module Api
     def update
       authenticate!
       @token = Token.create(:user_id => current_user.id)
-      session[:token] = @token.id
+      session[:token] = @token.to_s
       render :json => login_response
     end
 
-- 
cgit v1.2.3