Allow a logged in user to relogin as a different user just by visiting

the login page.

app/controllers/user_controller.rb

@@ -146,43 +146,39 @@ class UserController < ApplicationController
   def new
     @title = t 'user.new.title'
 
-    # The user is logged in already, so don't show them the signup page, instead
+    # The user is logged in already, so don't show them the signup
-    # send them to the home page
+    # page, instead send them to the home page
     redirect_to :controller => 'site', :action => 'index' if session[:user]
   end
 
   def login
-    if params[:user] and session[:user].nil?
+    @title = t 'user.login.title'
+
+    if params[:user]
       email_or_display_name = params[:user][:email]
       pass = params[:user][:password]
       user = User.authenticate(:username => email_or_display_name, :password => pass)
+
       if user
         session[:user] = user.id
         session_expires_after 1.month if params[:remember_me]
-      elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true)
+
+        # The user is logged in, if the referer param exists, redirect
+        # them to that unless they've also got a block on them, in
+        # which case redirect them to the block so they can clear it.
+        if user.blocked_on_view
+          redirect_to user.blocked_on_view, :referrer => params[:referrer]
+        elsif params[:referer]
+          redirect_to params[:referer]
+        else
+          redirect_to :controller => 'site', :action => 'index'
+        end
+       elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true)
         flash.now[:error] = t 'user.login.account not active'
       else
         flash.now[:error] = t 'user.login.auth failure'
       end
     end
-
-    if session[:user]
-      # The user is logged in, if the referer param exists, redirect them to that
-      # unless they've also got a block on them, in which case redirect them to
-      # the block so they can clear it.
-      user = User.find(session[:user])
-      block = user.blocked_on_view
-      if block
-        redirect_to block, :referrer => params[:referrer]
-      elsif params[:referer]
-        redirect_to params[:referer]
-      else
-        redirect_to :controller => 'site', :action => 'index'
-      end
-      return
-    end
-
-    @title = t 'user.login.title'
   end
 
   def logout

app/views/user/login.html.erb

@@ -5,8 +5,8 @@
 <% form_tag :action => 'login' do %>
 <%= hidden_field_tag('referer', h(params[:referer])) %>
 <table id="loginForm">
-  <tr><td class="fieldName"><%= t 'user.login.email or username' %></td><td><%= text_field('user', 'email',{:size => 28, :maxlength => 255, :tabindex => 1}) %></td></tr>
+  <tr><td class="fieldName"><%= t 'user.login.email or username' %></td><td><%= text_field('user', 'email',{:value => "", :size => 28, :maxlength => 255, :tabindex => 1}) %></td></tr>
-  <tr><td class="fieldName"><%= t 'user.login.password' %></td><td><%= password_field('user', 'password',{:size => 28, :maxlength => 255, :tabindex => 2}) %> <span class="minorNote">(<%= link_to t('user.login.lost password link'), :controller => 'user', :action => 'lost_password' %>)</span></td></tr>
+  <tr><td class="fieldName"><%= t 'user.login.password' %></td><td><%= password_field('user', 'password',{:value => "", :size => 28, :maxlength => 255, :tabindex => 2}) %> <span class="minorNote">(<%= link_to t('user.login.lost password link'), :controller => 'user', :action => 'lost_password' %>)</span></td></tr>
   <tr><td class="fieldName"><label for="remember_me"><%= t 'user.login.remember' %></label></td><td><%= check_box_tag "remember_me", "yes", false, :tabindex => 3 %></td></tr> 
   <tr><td colspan="2">&nbsp;<!--vertical spacer--></td></tr>
   <tr><td></td><td align="right"><%= submit_tag t('user.login.login_button'), :tabindex => 3 %></td></tr>