From b9c065505a30343399e62e8b7e31af8ff3106cfc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20G=C3=BCnther?= <mail@oliverguenther.de>
Date: Wed, 26 Sep 2018 08:28:20 +0200
Subject: [PATCH] [28579] Ensure resetting the session before forwarding to
 login

This might just fix the following issue since the cookie will be deleted
and reset.

https://community.openproject.com/wp/28579
---
 app/controllers/application_controller.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index b6de0ade31..aee644524a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -245,6 +245,10 @@ class ApplicationController < ActionController::Base
 
   def require_login
     unless User.current.logged?
+
+      # Ensure we reset the session to terminate any old session objects
+      reset_session
+
       respond_to do |format|
         format.any(:html, :atom) do redirect_to signin_path(back_url: login_back_url) end