X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/97b1290f1a9f784566cc352e744dc2d009ae49ce..95d899786a1bbabacc0cd12ef1c4814118d9d0de:/app/controllers/user_controller.rb?ds=sidebyside

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index fa93313b3..92a602ff1 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -1,6 +1,7 @@
 class UserController < ApplicationController
   layout :choose_layout
 
+  skip_before_filter :verify_authenticity_token, :only => [:api_details, :api_gpx_files]
   before_filter :disable_terms_redirect, :only => [:terms, :save, :logout, :api_details]
   before_filter :authorize, :only => [:api_details, :api_gpx_files]
   before_filter :authorize_web, :except => [:api_details, :api_gpx_files]
@@ -252,6 +253,10 @@ class UserController < ApplicationController
   def new
     @title = t 'user.new.title'
     @referer = params[:referer] || session[:referer]
+    @user = User.new(:email => params[:email],
+                     :email_confirmation => params[:email],
+                     :display_name => params[:nickname],
+                     :openid_url => params[:openid])
 
     if session[:user]
       # The user is logged in already, so don't show them the signup
@@ -517,7 +522,7 @@ private
     end
 
     # Start the authentication
-    authenticate_with_open_id(openid_expand_url(openid_url), :required => required) do |result, identity_url, sreg, ax|
+    authenticate_with_open_id(openid_expand_url(openid_url), :method => :get, :required => required) do |result, identity_url, sreg, ax|
       if result.successful?
         # We need to use the openid url passed back from the OpenID provider
         # rather than the one supplied by the user, as these can be different.
@@ -565,7 +570,7 @@ private
   def openid_verify(openid_url, user)
     user.openid_url = openid_url
 
-    authenticate_with_open_id(openid_expand_url(openid_url)) do |result, identity_url|
+    authenticate_with_open_id(openid_expand_url(openid_url), :method => :get) do |result, identity_url|
       if result.successful?
         # We need to use the openid url passed back from the OpenID provider
         # rather than the one supplied by the user, as these can be different.