if you got this error while requesting the application via JSON request:
exception ActionController::InvalidAuthenticityToken
backtrace":"[\"/home/uadmin/.rvm/gems/ruby-2.1.7/gems/actionpack-4.2.4/lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'\",
\"/home/uadmin/.rvm/gems/ruby-2.1.7/gems/actionpack-4.2.4/lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'\",
...
modify your controller:
class ApplicationController < ActionController::Base
skip_before_filter :verify_authenticity_token, if: :json_request?
def json_request?
request.format.json?
end
end
@alexventuraio,
It's been a while I have done any Rails stuff so I forgot the exact usage of the authenticity token. I compare it with a kind of "CSRF" check. If you use a React App, it can be served from a different domain than your API. Authentication must then be checked by a token.