From d30a27b3bb12b46cf4b8bf05d6cab128fb654a4e Mon Sep 17 00:00:00 2001
From: rxl <me@ryanshea.org>
Date: Thu, 11 Jul 2013 14:14:28 -0400
Subject: [PATCH 1/2] remove '@anonymous_user_required' from confirm_email()

---
 flask_security/views.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/flask_security/views.py b/flask_security/views.py
index dc25c46..afe113d 100644
--- a/flask_security/views.py
+++ b/flask_security/views.py
@@ -200,7 +200,6 @@ def send_confirmation():
                            **_ctx('send_confirmation'))
 
 
-@anonymous_user_required
 def confirm_email(token):
     """View function which handles a email confirmation request."""
 

From 03d27cd600d32b46cdfac505d0c14f63891f8f53 Mon Sep 17 00:00:00 2001
From: rxl <me@ryanshea.org>
Date: Thu, 11 Jul 2013 14:14:50 -0400
Subject: [PATCH 2/2] add logout_user() to the beginning of confirm_email()

---
 flask_security/views.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/flask_security/views.py b/flask_security/views.py
index afe113d..4b18cc7 100644
--- a/flask_security/views.py
+++ b/flask_security/views.py
@@ -203,6 +203,8 @@ def send_confirmation():
 def confirm_email(token):
     """View function which handles a email confirmation request."""
 
+    logout_user()
+
     expired, invalid, user = confirm_email_token_status(token)
 
     if not user or invalid: