Ask A Question

Notifications

You’re not receiving notifications from this thread.

Episode #165 - getting Can't verify CSRF token authenticity in --api project

Jiri Prochazka asked in Rails
Jiri Prochazka Jiri Prochazka
Hi,

I'm trying to use Knock as in episode #165 API Authentication with JSON Web Tokens (JWT) and Knock.

I'm going step by step, but when trying to obtain the token by:

curl --data "auth[email]=myemail@gmail.com&auth[password]=pass" http://localhost:3000/api/v1/user_token

I'm getting 'Unprocessabel entity' and in my log there is 'Can't verify CSRF token authenticity. Completed 500 Internal Server Error in 96ms'

But at the start I have created a brand new project with --api flag. I created the project twice to be sure (5.2.0.rc1).
Should not the rails new backend --api generate a project without CSRF?

Thanks
Reply
Jiri Prochazka Jiri Prochazka
Ok, I just tried with Rails 5.1.4 and it is working. So it is something with 5.2.0.rc1..
Reply
Join the discussion

Want to stay up-to-date with Ruby on Rails?

Join 73,723+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more. Icons by Icons8

    Twitter GitHub

    Solutions

    Support

    Company

    Legal

    © 2023 GoRails, LLC. All rights reserved.