|
|
Previously the "log in as" function after 3b6e5a692b852a88f55b21a7210f60a6f7cfc24b
would attempt to log the admin user out before issuing the redirect. Unfortunately
this approach does not work on WhatDoTheyKnow, where the admin pages are served via
a different domain (secure.mysociety.org) and so do not share session information with
the rest of the site.
This commit changes it to mark the PostRedirect with circumstance == "login_as",
which signals the user controller to log out the previous user even if they are
an admin. In other words, the user is logged out on the main site rather than the
admin site, skirting this problem.
Closes #450.
|
