Dana Hughes

Those having this issue should skip to Part 40 of this tutorial where Chris fixes this.

It's not mentioned here because when this was recorded, the OmniAuth gem allowed GET requests. The gem has since been updated to v2 where only POST requests are allowed by default. This is fixed with the OmniAuth CSRF Protection gem, which is explained in Part 40.

Chris, if you see this, it might be good to add a note or annotation to this video explaining that the latest version of OmniAuth now prevents GET requests by default, so an error will occur without adding OmniAuth CSRF Protection or enabling GET requests in the OmniAuth initializer.