CODEWITHSUNDEEP
ruby-on-railscsrf
Chatthana Janethanakarn
Chatthana Janethanakarn

Reputation: 183

Rails CSRF issue on receiving POST request from API

I am working on Rails application which interacts with the API. Now there is a step that the API will send the POST request to the application and I tried saving the returned data to the database. But it looks like the application does not accept the data and return 422 : Unprocessable Entity

Here is the error message from the log file

W, [2016-02-29T12:21:54.865291 #22727]  WARN -- : Can't verify CSRF token authenticity
I, [2016-02-29T12:21:54.865839 #22727]  INFO -- : Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms)
F, [2016-02-29T12:21:54.870852 #22727] FATAL -- :
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
 actionpack (4.2.4) lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'
actionpack (4.2.4) lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
actionpack (4.2.4) lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'

I also tried disabling the CSRF

class MyController < ApplicationController

    skip_before_action :verify_authenticity_token

end

But it still doesn't work.

Please help me get through this. I have been struggling with this issue for three days.

Upvotes: 1

Views: 729

Answers (1)

Pitabas Prathal
Pitabas Prathal

Reputation: 1012

You can try this

    protect_from_forgery with: :null_session, if: Proc.new { |c| c.request.format == 'application/json' }

Upvotes: 0

Related Questions