diff --git a/app/models/user.rb b/app/models/user.rb
index 4b28f12..b132e32 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -15,6 +15,14 @@ class User < ActiveRecord::Base
     :email => {:label => _('Email'), :weight => 5},
   }
 
+  # see http://stackoverflow.com/a/2513456/670229
+  def self.current
+    Thread.current[:current_user]
+  end
+  def self.current=(user)
+    Thread.current[:current_user] = user
+  end
+
   def self.[](login)
     self.find_by_login(login)
   end
diff --git a/lib/authenticated_system.rb b/lib/authenticated_system.rb
index c31207b..ee95a63 100644
--- a/lib/authenticated_system.rb
+++ b/lib/authenticated_system.rb
@@ -1,5 +1,20 @@
 module AuthenticatedSystem
+
   protected
+
+    # See impl. from http://stackoverflow.com/a/2513456/670229
+    def self.included? base
+      base.around_filter do
+        begin
+          User.current = current_user
+          yield
+        ensure
+          # to address the thread variable leak issues in Puma/Thin webserver
+          User.current = nil
+        end
+      end
+    end
+
     # Returns true or false if the user is logged in.
     # Preloads @current_user with the user model if they're logged in.
     def logged_in?
@@ -8,7 +23,9 @@ module AuthenticatedSystem
 
     # Accesses the current user from the session.
     def current_user
-      @current_user ||= (session[:user] && User.find_by_id(session[:user])) || nil
+      @current_user ||= begin
+        User.current = (session[:user] && User.find_by_id(session[:user])) || nil
+      end
     end
 
     # Store the given user in the session.
@@ -19,7 +36,7 @@ module AuthenticatedSystem
         session[:user] = new_user.id
         new_user.register_login
       end
-      @current_user = new_user
+      @current_user = User.current = new_user
     end
 
     # Check if the user is authorized.
--
libgit2 0.21.2