I am using Rails 3.2 with the Doorkeeper gem to provide OAuth 2 APIs for third-party developers. I keep getting this warning when using my REST API outside the application:
WARNING: CSRF Token cannot be authenticated
The client application is successfully authenticated through OAuth2. Why am I getting this warning, and how do I properly implement CSRF for an external API?
Remove protect_from_forgery from your ApplicationController (or remove it for API calls).
CSRF , ... , protect_from_forgery ApplicationController. create ... .
class MessagesController < ApplicationController
  protect_from_forgery with: :null_session, only: [:create]
  # doorkeeper_for :create
end
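Why `:null_session` differs from removing `protect_from_forgery` outright, shown as an added plain-Ruby model (not Rails or Doorkeeper code, and not part of the original answers). It assumes a `create` action that accepts either a logged-in browser session or an OAuth bearer token; `handle`, `TOKENS` and the sample requests are hypothetical and constructed.

```ruby
# Plain-Ruby model of the request flow; every name here is hypothetical.
# Constructed sample token store: access token => API client it was issued to.
TOKENS = { "constructed-access-token" => "api_client_42" }

# Constructed sample requests.
BROWSER_FORM = { session: { user: "alice", csrf: "t0k" }, csrf_param: "t0k", bearer: nil }
CROSS_SITE   = { session: { user: "alice", csrf: "t0k" }, csrf_param: nil,   bearer: nil }
API_CLIENT   = { session: {},                             csrf_param: nil,   bearer: "constructed-access-token" }

# mode :null_session -> a request without a valid CSRF token continues,
#                       but with an empty session (cookie identity dropped)
# mode :none         -> no CSRF check at all (protect_from_forgery removed)
# Returns [http_status, identity the action ran as].
def handle(req, mode:)
  session = req[:session].dup

  if mode == :null_session
    verified = !session[:csrf].nil? && session[:csrf] == req[:csrf_param]
    session = {} unless verified
  end

  # Stand-in for an OAuth bearer-token check: the token travels in a header
  # that a cross-site page cannot make the browser attach, so it is
  # unaffected by the CSRF decision above.
  owner = TOKENS[req[:bearer]]
  return [201, "token:#{owner}"] if owner

  # Cookie-session login, attached by the browser automatically.
  return [201, "session:#{session[:user]}"] if session[:user]

  [401, nil]
end

if __FILE__ == $PROGRAM_NAME
  { "browser form" => BROWSER_FORM, "cross-site POST" => CROSS_SITE,
    "API client" => API_CLIENT }.each do |name, req|
    [:null_session, :none].each do |mode|
      puts format("%-16s %-13s %p", name, mode, handle(req, mode: mode))
    end
  end
end
```

The row to look at is the cross-site POST: under `:null_session` it is rejected because the session is emptied, while with no check it runs as the logged-in user. The API client succeeds in both modes.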