Matchu
45090b8d1c
In the login case, we save the `return_to` parameter in the session, because login can be a multi-step process. In the logout case, we just read it directly from the form params. Note that you *could* end up in a weird scenario where an old return_to value sticks around for a bit? But we have the sense to delete it when we use it on a successful sign-in, and most links to the login page come with a `return_to` param which should reset it. So, you'd have to 1) have started but not finished a sign-in, 2) during the same session, and 3) get to the login page by an unusual means. Probably fine! |
||
---|---|---|
.. | ||
assets | ||
controllers | ||
helpers | ||
mailers | ||
models | ||
views |