ActionController :: InvalidAuthenticityToken Rails 5 / Design / Audit / PaperBig Stone

Question

ActionController :: InvalidAuthenticityToken Rails 5 / Design / Audit / PaperBig Stone

Forever Information

I am using Devise for authentication to enter the Rails 5 application.

Whenever I collect either Audited or Paper traffic , when I try # to create a new session (via the sign form - / users / sign_in) I get the following error:

ActionController::InvalidAuthenticityToken

Environmental information

Ruby 2.3.1

Gems:

rails 5.0.2
devise => 4.2.1
paper_trail => 7.0.1

Playback steps:

Create Rails 5 Application
Add gem
Add Audited or Paper Trail Gem
Login Attempt

+10

ruby ruby-on-rails devise acts-as-audited

aldefouw Apr 11 '17 at 21:00

source share

4 answers

In my project we have this problem and we cannot override protect_from_forgery . The solution is based on github being tested and working for me.

Put this in the gemfile:

 gem "audited", github: "collectiveidea/audited"

0

msfreire May 29 '17 at 19:11

source share

As indicated in the documentation .

For Rails 5, note that protect_from_forgery no longer added to the before_action chain, so if you set authenticate_user before protect_from_forgery your query will result in “I can’t verify the authenticity of the CSRF token.” To solve this problem, change the order in which you name it, or use protect_from_forgery prepend: true.

I used something like this and it works for me.

 class WelcomeController < ::Base protect_from_forgery with: :exception before_action :authenticate_model! end

0

Yashu mittal Sep 17 '17 at 19:29

source share

The solution for me was to manually go to browser settings and delete the cache.

0

jethro Jul 29 '19 at 21:55

source share

aldefouw · Accepted Answer · 2017-04-11T21:03:56+0000

As it turns out, the development of documentation is quite indicative of this error:

For Rails 5, note that protect_from_forgery is no longer added to the before_action chain, so if you set authenticate_user before protect_from_forgery , your request will result in “ Unable to authenticate CSRF token. ” To solve this problem, change the order in which you call them or use protect_from_forgery prepend: true .

The fix was to change the code in my application controller from this:

  protect_from_forgery with: :exception

On this:

  protect_from_forgery prepend: true

This problem did not appear until I tried to add Audited or Paper Trail gems.

ActionController :: InvalidAuthenticityToken Rails 5 / Design / Audit / PaperBig Stone

More articles: