X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/2e4b3b138deaed741dd601d309e9df3bf8ec8fc1..1498ac2bab4aabdd71066e4644ad20a6ac555827:/app/controllers/user_sessions_controller.rb

diff --git a/app/controllers/user_sessions_controller.rb b/app/controllers/user_sessions_controller.rb
index f941cb0653..28e7e795cd 100644
--- a/app/controllers/user_sessions_controller.rb
+++ b/app/controllers/user_sessions_controller.rb
@@ -29,16 +29,18 @@ class UserSessionsController < ApplicationController
                       :first_name => omniauth['info']['first_name'],
                       :last_name => omniauth['info']['last_name'],
                       :identity_url => omniauth['info']['identity_url'])
-      Thread.current[:user] = user # prevents OrvosModel#before_create
-                                   # from throwing "unauthorized"
-      user.save!
     else
       user.email = omniauth['info']['email']
       user.first_name = omniauth['info']['first_name']
       user.last_name = omniauth['info']['last_name']
-      user.save
     end
 
+    # prevent OrvosModel#before_create and _update from throwing
+    # "unauthorized":
+    Thread.current[:user] = user
+
+    user.save!
+
     omniauth.delete('extra')
 
     # Give the authenticated user a cookie for direct API access
@@ -64,7 +66,8 @@ class UserSessionsController < ApplicationController
     session[:user_id] = nil
 
     flash[:notice] = 'You have logged off'
-    redirect_to "#{CUSTOM_PROVIDER_URL}/users/sign_out?redirect_uri=#{root_url}"
+    return_to = params[:return_to] || root_url
+    redirect_to "#{CUSTOM_PROVIDER_URL}/users/sign_out?redirect_uri=#{CGI.escape return_to}"
   end
 
   # login - Just bounce to /auth/joshid. The only purpose of this function is