Commit 18aef599 authored by Daniel Gerhardt's avatar Daniel Gerhardt

Directly link sign in button on page headers with CAS login

The following formerly separate commits have been merged in:

* Adjust 'Sign in' button for GitLab's CSRF protection

  GitLab introduced CSRF protection for authentication requests in
  571ba5a7. The 'Sign in' button has been
  adjusted to send a POST request.

* Opt out of turbolinks for 'Sign in' button
parent b34097f2
...@@ -74,7 +74,7 @@ ...@@ -74,7 +74,7 @@
%li.nav-item.m-auto %li.nav-item.m-auto
%div %div
- sign_in_text = allow_signup? ? _('Sign in / Register') : _('Sign in') - sign_in_text = allow_signup? ? _('Sign in / Register') : _('Sign in')
= link_to sign_in_text, new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in' = link_to "Sign in", omniauth_authorize_path(:user, :cas3), method: :post, class: 'btn btn-sign-in', "data-no-turbolink" => "true"
%button.navbar-toggler.d-block.d-sm-none{ type: 'button' } %button.navbar-toggler.d-block.d-sm-none{ type: 'button' }
%span.sr-only= _('Toggle navigation') %span.sr-only= _('Toggle navigation')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment