Define ldap methods at runtime

This avoids loading the `OmniAuthCallbacksController` at boot time so it doesn't mess up the `before_action`-chain
author: Bob Van Landuyt <bob@vanlanduyt.co> 2017-07-26 11:57:05 +0200
committer: Bob Van Landuyt <bob@vanlanduyt.co> 2017-08-24 17:33:53 +0200
commit: f8865e9c1303be7302306bea9dd1057bf3b3f608 (patch)
tree: 6dadf2a46c163a43c2acc2e3521657e65386dedf /app/controllers/sessions_controller.rb
parent: 88892e43adecd68de7940fdc9856a4557098cb6c (diff)
download: gitlab-ce-f8865e9c1303be7302306bea9dd1057bf3b3f608.tar.gz
1 files changed, 0 insertions, 8 deletions
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 9e743685d60..be6491d042c 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -5,14 +5,6 @@ class SessionsController < Devise::SessionsController
 
   skip_before_action :check_two_factor_requirement, only: [:destroy]
 
-  # Explicitly call protect from forgery before anything else. Otherwise the
-  # CSFR-token might be cleared before authentication is done. This was the case
-  # when LDAP was enabled and the `OmniauthCallbacksController` is loaded
-  #
-  # *Note:* `prepend: true` is the default for rails4, but this will be changed
-  # to `prepend: false` in rails5.
-  protect_from_forgery prepend: true, with: :exception
-
   prepend_before_action :check_initial_setup, only: [:new]
   prepend_before_action :authenticate_with_two_factor,
     if: :two_factor_enabled?, only: [:create]
author	Bob Van Landuyt <bob@vanlanduyt.co>	2017-07-26 11:57:05 +0200
committer	Bob Van Landuyt <bob@vanlanduyt.co>	2017-08-24 17:33:53 +0200
commit	f8865e9c1303be7302306bea9dd1057bf3b3f608 (patch)
tree	6dadf2a46c163a43c2acc2e3521657e65386dedf /app/controllers/sessions_controller.rb
parent	88892e43adecd68de7940fdc9856a4557098cb6c (diff)
download	gitlab-ce-f8865e9c1303be7302306bea9dd1057bf3b3f608.tar.gz