Merge pull request #2485 from mmd-osm/patch/json2

[rails.git] / app / controllers / users_controller.rb

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index a3c21cd3d7ac7aefc5414ad952cbb0262d27ceff..514b3f8ee73f41d8d2284886ac11c1dde1addf47 100644 (file)
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -269,7 +269,7 @@ class UsersController < ApplicationController
   def logout
     @title = t "users.logout.title"
 
-    if params[:session] == session.id
+    if request.post?
       if session[:token]
         token = UserToken.find_by(:token => session[:token])
         token&.destroy
@@ -376,7 +376,7 @@ class UsersController < ApplicationController
     @user = User.find_by(:display_name => params[:display_name])
 
     if @user &&
-       (@user.visible? || (current_user&.administrator?))
+       (@user.visible? || current_user&.administrator?)
       @title = @user.display_name
     else
       render_unknown_user params[:display_name]
@@ -520,11 +520,11 @@ class UsersController < ApplicationController
 
       if user
         case user.status
-        when "pending" then
+        when "pending"
           unconfirmed_login(user)
-        when "active", "confirmed" then
+        when "active", "confirmed"
           successful_login(user, request.env["omniauth.params"]["referer"])
-        when "suspended" then
+        when "suspended"
           failed_login t("users.login.account is suspended", :webmaster => "mailto:#{Settings.support_email}").html_safe
         else
           failed_login t("users.login.auth failure")