From: Tom Hughes <tom@compton.nu>
Date: Thu, 16 Apr 2015 10:14:57 +0000 (+0100)
Subject: Prefer username/password to openid_url if both are set
X-Git-Tag: live~4100
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/2111ace158f3dd9496d49f82529074d77557b2d2?hp=ddaf43bc0ecc59f9417118000bb8d2f041cfe6bf

Prefer username/password to openid_url if both are set
---

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index c7e44dab6..fcd330ec3 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -252,14 +252,12 @@ class UserController < ApplicationController
   def login
     session[:referer] = params[:referer] if params[:referer]
 
-    if params[:username] || params[:openid_url]
-      if params[:openid_url].present?
-        session[:remember_me] ||= params[:remember_me_openid]
-        redirect_to auth_url("openid", params[:openid_url])
-      else
-        session[:remember_me] ||= params[:remember_me]
-        password_authentication(params[:username], params[:password])
-      end
+    if params[:username].present? && params[:password].present?
+      session[:remember_me] ||= params[:remember_me]
+      password_authentication(params[:username], params[:password])
+    elsif params[:openid_url].present?
+      session[:remember_me] ||= params[:remember_me_openid]
+      redirect_to auth_url("openid", params[:openid_url])
     end
   end