From cefad828bfb0e690efe4c5114bb7217ba1d7484b Mon Sep 17 00:00:00 2001
From: Daniel Gerhardt <code@dgerhardt.net>
Date: Mon, 15 Jun 2015 12:49:54 +0200
Subject: [PATCH] Directly link sign in button on page headers with CAS login

The following formerly separate commits have been merged in:

* Adjust 'Sign in' button for GitLab's CSRF protection

  GitLab introduced CSRF protection for authentication requests in
  571ba5a7. The 'Sign in' button has been
  adjusted to send a POST request.

* Opt out of turbolinks for 'Sign in' button
---
 app/views/layouts/header/_default.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/layouts/header/_default.html.haml b/app/views/layouts/header/_default.html.haml
index 044b49c12c..1c245b7517 100644
--- a/app/views/layouts/header/_default.html.haml
+++ b/app/views/layouts/header/_default.html.haml
@@ -68,7 +68,7 @@
             %li.nav-item
               %div
                 - sign_in_text = allow_signup? ? _('Sign in / Register') : _('Sign in')
-                = link_to sign_in_text, new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in'
+                = link_to "Sign in", omniauth_authorize_path(:user, :cas3), method: :post, class: 'btn btn-sign-in', "data-no-turbolink" => "true"
 
       %button.navbar-toggler.d-block.d-sm-none{ type: 'button' }
         %span.sr-only= _('Toggle navigation')
-- 
2.23.0.rc1