I'm having a problem with logging in that I didn't have before. Up until today I was able to log in with no issues. Suddenly, when I try to log in I get:
登录时我遇到了以前没有的问题。直到今天,我都能够登录而没有任何问题。突然,当我尝试登录时,我得到:
ActionController::InvalidAuthenticityToken
def handle_unverified_request
raise ActionController::InvalidAuthenticityToken
end
Here's the development log:
这是开发日志:
Processing by RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"kLm2udi5jHmIQbva2h1HH9IExxFo1qt/p1u9UTjtBQaeHr/23gcrSfTyJdRvhIKYJWh/MyUbSY2zf0vHU8qA9A==", "user"=>{"first_name"=>"John", "last_name"=>"Mack", "username"=>"johnmack", "email"=>"john@mack.com", "password"=>"[FILTERED]", "avatar_cache"=>""}, "commit"=>"Sign up"}
Can't verify CSRF token authenticity
Completed 422 Unprocessable Entity in 2ms (ActiveRecord: 0.0ms)
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
actionpack (4.2.1) lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'
actionpack (4.2.1) lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
devise (3.4.1) lib/devise/controllers/helpers.rb:251:in `handle_unverified_request'
actionpack (4.2.1) lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'
Up until an couple hours ago I had no trouble logging in and out. I've tried clearing browser data, logging in from multiple browsers, restarting the server, dropping and recreating the db, and reverting my code back to what it was two days ago. I get the same error.
直到几个小时前,我没有登录和退出的麻烦。我已经尝试清除浏览器数据,从多个浏览器登录,重新启动服务器,删除并重新创建数据库,并将我的代码恢复到两天前的状态。我犯了同样的错误。
I'm using Rails 4.2 and Devise 3.
我正在使用Rails 4.2和Devise 3。
Is there something I'm missing here?
这里有什么我想念的吗?
Thank you.
1 个解决方案
#1
I ended up tracing the issue to how I was setting the session store to enable cross subdomain authentication. Originally I had this:
我最后跟踪问题是如何设置会话存储以启用跨子域身份验证。本来我有这个:
HeartbeatPods::Application.config.session_store :cookie_store, key: '_Heartbeat-pods_session', domain: ENV["HEARTBEAT_HOSTNAME"], tld_length: 2
I changed it to this:
我改成了这个:
if Rails.env.production?
Rails.application.config.session_store :cookie_store, key: '_Heartbeat-pods_session', domain: :all
else
Rails.application.config.session_store :cookie_store, key: '_Heartbeat-pods_session'
end
The original solution supported cross subdomain auth on my local system but ended up borking. The updated solution only supports cross subdomain auth on the production set up.
原始解决方案支持我的本地系统上的跨子域auth,但最终borking。更新的解决方案仅支持生产设置上的跨子域身份验证。
#1
I ended up tracing the issue to how I was setting the session store to enable cross subdomain authentication. Originally I had this:
我最后跟踪问题是如何设置会话存储以启用跨子域身份验证。本来我有这个:
HeartbeatPods::Application.config.session_store :cookie_store, key: '_Heartbeat-pods_session', domain: ENV["HEARTBEAT_HOSTNAME"], tld_length: 2
I changed it to this:
我改成了这个:
if Rails.env.production?
Rails.application.config.session_store :cookie_store, key: '_Heartbeat-pods_session', domain: :all
else
Rails.application.config.session_store :cookie_store, key: '_Heartbeat-pods_session'
end
The original solution supported cross subdomain auth on my local system but ended up borking. The updated solution only supports cross subdomain auth on the production set up.
原始解决方案支持我的本地系统上的跨子域auth,但最终borking。更新的解决方案仅支持生产设置上的跨子域身份验证。