diff options
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 3 | ||||
| -rw-r--r-- | t/app/controller/report_new.t | 1 |
2 files changed, 4 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index 65533b1d2..be95040e1 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -85,6 +85,9 @@ sub sign_in : Private { $c->set_session_cookie_expire(0) unless $remember_me; + # Regenerate CSRF token as session ID changed + $c->forward('get_csrf_token'); + return 1; } diff --git a/t/app/controller/report_new.t b/t/app/controller/report_new.t index eb29d37da..ba550193e 100644 --- a/t/app/controller/report_new.t +++ b/t/app/controller/report_new.t @@ -701,6 +701,7 @@ subtest "test password errors for a user who is signing in as they report" => su subtest "test report creation for a user who is signing in as they report" => sub { $mech->log_out_ok; + $mech->cookie_jar({}); $mech->clear_emails_ok; # check that the user does not exist |