fix: Error 422 after session timeout #143
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🎩 Description
Please describe your pull request.
When user is logged in and session expires, she is automatically logged out. When user is logged out from a restrictive route, she is redirected to signin route without reload and CSRF token is now expired on form submit, causing a 422 Error "InvalidAuthenticityToken"
This PRs aims to change after_sign_out_path from "request.referer" to "stored_location_for(user)"
📌 Related Issues
Link your PR to an issue
Testing
Describe the best way to test or validate your PR.
DECIDIM_SESSION_TIMEOUT=1
(unit: Minutes)/admin
Testing using Docker
DECIDIM_SESSION_TIMEOUT
value in both services in filedocker-compose.local.yml
make run
Tasks
DECIDIM_SESSION_TIMEOUT
Extra info
DECIDIM_SESSION_TIMEOUT