From 1b81f73325dc0a2001472a6b891f1adfd53c5e25 Mon Sep 17 00:00:00 2001
From: Sam
Date: Thu, 17 Oct 2013 10:37:06 +1100
Subject: [PATCH] logged in requests were being treated as anon, causing major havoc
---
 lib/auth/default_current_user_provider.rb | 2 +-
 spec/components/middleware/anonymous_cache_spec.rb | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/auth/default_current_user_provider.rb b/lib/auth/default_current_user_provider.rb
index 68f09e338..5a4e5df4e 100644
--- a/lib/auth/default_current_user_provider.rb
+++ b/lib/auth/default_current_user_provider.rb
@@ -73,7 +73,7 @@ class Auth::DefaultCurrentUserProvider
 def has_auth_cookie?
 request = Rack::Request.new(@env)
- cookie = request.cookies[CURRENT_USER_KEY]
+ cookie = request.cookies[TOKEN_COOKIE]
 !cookie.nil? && cookie.length == 32
 end
 end
diff --git a/spec/components/middleware/anonymous_cache_spec.rb b/spec/components/middleware/anonymous_cache_spec.rb
index 10bc1c128..a72b94b84 100644
--- a/spec/components/middleware/anonymous_cache_spec.rb
+++ b/spec/components/middleware/anonymous_cache_spec.rb
@@ -19,6 +19,10 @@ describe Middleware::AnonymousCache::Helper do
 it "is false for non GET" do
 new_helper("ANON_CACHE_DURATION" => 10, "REQUEST_METHOD" => "POST").cacheable?.should be_false
 end
+
+ it "is false if it has an auth cookie" do
+ new_helper("HTTP_COOKIE" => "jack=1; _t=#{"1"*32}; jill=2").cacheable?.should be_false
+ end
 end
 context "cached" do
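Review bot: In `has_auth_cookie?`, the unchanged line `!cookie.nil? && cookie.length == 32` hard-codes the token length with no visible link to the code that issues the `_t` value. If the two ever drift, every logged-in request is again classified as anonymous, which is the same failure this commit fixes and, judging by the spec in this patch, lets it reach the anonymous cache. I would replace the literal with a named constant shared with the token generator (for example a `TOKEN_LENGTH` you would introduce; the generator is not visible here, so confirm where the length is defined). I would also add a comment above the method such as `# Shape check only: presence and length of the token cookie; does not validate the token.` The enclosing class starts outside the hunk.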
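Review bot: The added example pins only a well-formed 32-character `_t` value, so nothing in this hunk states what `cacheable?` should return when a `_t` cookie is present with a different length. The `length == 32` check in `has_auth_cookie?` treats that request as anonymous. A companion example with a constructed value, e.g. `new_helper("HTTP_COOKIE" => "_t=#{"1"*31}").cacheable?` with the intended result asserted, would make that decision explicit and catch a future change in token format. The enclosing `context` opens above the hunk, so a matching case may already exist there.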