Merge pull request #2975 from jaswilli/csrf

Fix csrfSecret handling
2025-01-03 00:15:11 +03:00 · 2014-06-17 20:16:26 +01:00 · 2014-06-17 20:16:26 +01:00 · b21948ded5
commit b21948ded5
parent 7bc4d9f455 d9a21c8d0c
1 changed files with 8 additions and 0 deletions
--- a/ghost/admin/routes/signin.js
+++ b/ghost/admin/routes/signin.js
@ -23,6 +23,14 @@ var SigninRoute = Ember.Route.extend(styleBody, {
                    headers: {'X-CSRF-Token': this.get('csrf')},
                    data: data
                }).then(function (response) {
+                    // once the email and password are pulled from the controller
+                    // they need to be cleared, or they will reappear next time the signin
+                    // page is visited
+                    controller.setProperties({
+                        email: '',
+                        password: ''
+                    });
+
                    self.store.pushPayload({users: [response.userData]});
                    return self.store.find('user', response.userData.id);
                }).then(function (user) {