FIX: Delete the invalid auth cookie even if you hit the rate limit

2025-05-21 18:12:32 +08:00 · 2018-02-09 19:09:54 -05:00
parent 2faa4c2f5f
commit 569e57f0a9
4 changed files with 27 additions and 6 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -159,6 +159,10 @@ class ApplicationController < ActionController::Base
  end

  rescue_from Discourse::InvalidAccess do |e|
+
+    if e.opts[:delete_cookie].present?
+      cookies.delete(e.opts[:delete_cookie])
+    end
    rescue_discourse_actions(
      :invalid_access,
      403,