All threads / Episode #165 - getting Can't verify CSRF token authenticity in --api project

Ask A Question

Notifications

You’re not receiving notifications from this thread.

Episode #165 - getting Can't verify CSRF token authenticity in --api project

Jiri Prochazka asked in Rails
Hi,

I'm trying to use Knock as in episode #165 API Authentication with JSON Web Tokens (JWT) and Knock.

I'm going step by step, but when trying to obtain the token by:

curl --data "auth[email][email protected]&auth[password]=pass" http://localhost:3000/api/v1/user_token

I'm getting 'Unprocessabel entity' and in my log there is 'Can't verify CSRF token authenticity. Completed 500 Internal Server Error in 96ms'

But at the start I have created a brand new project with --api flag. I created the project twice to be sure (5.2.0.rc1).
Should not the rails new backend --api generate a project without CSRF?

Thanks
Ok, I just tried with Rails 5.1.4 and it is working. So it is something with 5.2.0.rc1..
Join the discussion

Want to stay up-to-date with Ruby on Rails?

Join 37,629+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    logo Created with Sketch.

    Ruby on Rails tutorials, guides, and screencasts for web developers learning Ruby, Rails, Javascript, Turbolinks, Stimulus.js, Vue.js, and more. Icons by Icons8

    © 2020 GoRails, LLC. All rights reserved.