From 5b2e3e76fed553b0b795299d2afc6f9f24bede8b Mon Sep 17 00:00:00 2001 From: Matthew Ford Date: Tue, 20 Jul 2021 18:09:24 +0100 Subject: [PATCH 1/2] do not raise skip verify_authenticity_token if not yet defined. --- app/controllers/cloudtasker/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/cloudtasker/application_controller.rb b/app/controllers/cloudtasker/application_controller.rb index d2f82aa0..d37c6936 100644 --- a/app/controllers/cloudtasker/application_controller.rb +++ b/app/controllers/cloudtasker/application_controller.rb @@ -3,6 +3,6 @@ module Cloudtasker # Base Cloudtasker controller class ApplicationController < ActionController::Base - skip_before_action :verify_authenticity_token + skip_before_action :verify_authenticity_token, raise: false end end From fb5cfc1ae2d4e83d6ad0f04b121a56d11301f9cf Mon Sep 17 00:00:00 2001 From: Matthew Ford Date: Tue, 20 Jul 2021 18:30:14 +0100 Subject: [PATCH 2/2] move skip_before_action :verify_authenticity_token to worker controller --- app/controllers/cloudtasker/application_controller.rb | 1 - app/controllers/cloudtasker/worker_controller.rb | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/app/controllers/cloudtasker/application_controller.rb b/app/controllers/cloudtasker/application_controller.rb index d37c6936..dfe6e86a 100644 --- a/app/controllers/cloudtasker/application_controller.rb +++ b/app/controllers/cloudtasker/application_controller.rb @@ -3,6 +3,5 @@ module Cloudtasker # Base Cloudtasker controller class ApplicationController < ActionController::Base - skip_before_action :verify_authenticity_token, raise: false end end diff --git a/app/controllers/cloudtasker/worker_controller.rb b/app/controllers/cloudtasker/worker_controller.rb index c4cfa72e..c0a28abc 100644 --- a/app/controllers/cloudtasker/worker_controller.rb +++ b/app/controllers/cloudtasker/worker_controller.rb @@ -3,6 +3,8 @@ module Cloudtasker # Handle execution of workers class WorkerController < ApplicationController + skip_before_action :verify_authenticity_token, raise: false + # Authenticate all requests. before_action :authenticate!