From 57307e66954965b8cfe0f84c4e256e0100f46a9c Mon Sep 17 00:00:00 2001
From: Daniel Gerhardt <code@dgerhardt.net>
Date: Mon, 15 Jun 2015 12:49:54 +0200
Subject: [PATCH] Directly link sign in button on page headers with CAS login

The following formerly separate commits have been merged in:

* Adjust 'Sign in' button for GitLab's CSRF protection

  GitLab introduced CSRF protection for authentication requests in
  571ba5a7. The 'Sign in' button has been
  adjusted to send a POST request.

* Opt out of turbolinks for 'Sign in' button
---
 app/views/layouts/header/_default.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/layouts/header/_default.html.haml b/app/views/layouts/header/_default.html.haml
index e7fc83a8d04..fc8ebdd13e2 100644
--- a/app/views/layouts/header/_default.html.haml
+++ b/app/views/layouts/header/_default.html.haml
@@ -71,7 +71,7 @@
           - else
             %li
               %div
-                = link_to "Sign in / Register", new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in'
+                = link_to "Sign in", omniauth_authorize_path(:user, :cas3), method: :post, class: 'btn btn-sign-in', "data-no-turbolink" => "true"
 
       %button.navbar-toggle.hidden-sm.hidden-md.hidden-lg{ type: 'button' }
         %span.sr-only Toggle navigation
-- 
GitLab