Only store password if default password is used

This commit is contained in:
uu59 2014-07-31 17:34:15 +09:00
parent ec44ba10d6
commit 982b5b3d4e


@ -38,6 +38,8 @@ class SessionsController < ApplicationController
def sign_in(user)
# NOTE: Cookie will encrypt by Rails, but store raw password into session is a bad practice.
# If we use some DB in the future, change this to store token with expire limitation (not password).
session[:succeed_password] = session_params[:password]
#
# Currently, only store to session if default password is used.
session[:succeed_password] = session_params[:password] if session_params[:password] == Settings.default_password
end
end
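Review bot: The new guard on the `session[:succeed_password] = ... if ...` line still writes the plaintext password into the session whenever it equals `Settings.default_password`, so the concern stated in the NOTE comment two lines above (raw password kept in the session) remains for exactly the accounts still on the default credential. The only fact the condition establishes is that the default password was used, and a boolean carries that without persisting the secret: `session[:default_password_used] = true if session_params[:password] == Settings.default_password`, with whatever reads `session[:succeed_password]` (outside this hunk) updated to match. If the stored value genuinely is consumed as a password elsewhere, the comment should say where, because as written the NOTE, the bare `#`, and the "Currently, only store ..." line read as one comment block split by a stray separator. `sign_in` is fully contained in the hunk; the enclosing class is not.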