X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/5fdddf2a8a98362ee646fb9cd22fadeaea185b46..9c93fe906d4556bfbca94f5a826ebb9e3467d362:/app/controllers/accounts_controller.rb

diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index db9721010..085d1bfea 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -11,15 +11,11 @@ class AccountsController < ApplicationController
 
   before_action :check_database_readable
   before_action :check_database_writable, :only => [:update]
-  before_action :allow_thirdparty_images, :only => [:edit, :update]
 
-  def edit
-    @tokens = current_user.oauth_tokens.authorized
-
-    append_content_security_policy_directives(
-      :form_action => %w[accounts.google.com *.facebook.com login.live.com github.com meta.wikimedia.org]
-    )
+  allow_thirdparty_images :only => [:edit, :update]
+  allow_social_login :only => [:edit, :update]
 
+  def edit
     if errors = session.delete(:user_errors)
       errors.each do |attribute, error|
         current_user.errors.add(attribute, error)
@@ -29,12 +25,6 @@ class AccountsController < ApplicationController
   end
 
   def update
-    @tokens = current_user.oauth_tokens.authorized
-
-    append_content_security_policy_directives(
-      :form_action => %w[accounts.google.com *.facebook.com login.live.com github.com meta.wikimedia.org]
-    )
-
     user_params = params.require(:user).permit(:display_name, :new_email, :pass_crypt, :pass_crypt_confirmation, :auth_provider)
 
     if params[:user][:auth_provider].blank? ||