From f946040fa94a3acb3b1f54873e6f95766595829c Mon Sep 17 00:00:00 2001
From: Unknwon <u@gogs.io>
Date: Thu, 3 Mar 2016 15:09:43 -0500
Subject: #1891 attempt to fix expected invalid CSRF token

- Remove unused config settings `[picture] service`
---
 modules/middleware/auth.go | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

(limited to 'modules/middleware')

diff --git a/modules/middleware/auth.go b/modules/middleware/auth.go
index 5c470d9a..e7460fc6 100644
--- a/modules/middleware/auth.go
+++ b/modules/middleware/auth.go
@@ -109,17 +109,11 @@ func Toggle(options *ToggleOptions) macaron.Handler {
 			}
 		}
 
-		// Try auto-signin when not signed in.
-		if !options.SignOutRequire && !ctx.IsSigned && !auth.IsAPIPath(ctx.Req.URL.Path) {
-			succeed, err := AutoSignIn(ctx)
-			if err != nil {
-				ctx.Handle(500, "AutoSignIn", err)
-				return
-			} else if succeed {
-				log.Trace("Auto-login succeed: %s", ctx.Session.Get("uname"))
-				ctx.Redirect(setting.AppSubUrl + ctx.Req.RequestURI)
-				return
-			}
+		// Auto-signin info is provided and has not signed in.
+		if !options.SignOutRequire && !ctx.IsSigned && !auth.IsAPIPath(ctx.Req.URL.Path) &&
+			len(ctx.GetCookie(setting.CookieUserName)) > 0 {
+			ctx.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
+			ctx.Redirect(setting.AppSubUrl + ctx.Req.RequestURI)
 		}
 
 		if options.AdminRequire {
-- 
cgit v1.2.3