malcoauri
Reputation: 12199
How to generate csrf token for API?
I'm developing some API for my mobile app, and I want to add some action to render CSRF token in JSON. I know that there is helper csrf_meta_tags for HTML views, but how can I do it in controller? Thanks in advance.
Upvotes: 4
Views: 6726
Answers (2)
Baldrick
Reputation: 24350
You can use form_authenticity_token in the controller. It uses session[:_csrf_token] as suggested by @user123, and also initialize it if it has not been done yet (see source).
Upvotes: 3
Related Questions
- Can't verify CSRF token authenticity! RAILS API with POST
- CSRF tokens for Rails API application
- ruby on rails json rest api csrf token
- Rails - invalid CSRF while talking to api
- getting csrf tokens for json post requests to a rails app
- API/JSON: Can't verify CSRF token authenticity
- WARNING: Can't verify CSRF token authenticity in case of API development
- Protect API with CSRF token or other authentication
- Rails API design without disabling CSRF protection
- How to get CSRF token with rails3.2.x, before sending restful POST/PUT API, without any form/UI from server side?