Invalid Authenticity Token with last version #109

Closed
nicolas-besnard opened this issue Jan 11, 2015 · 9 comments

@nicolas-besnard
Contributor

I get an error `ActionController::InvalidAuthenticityToken` with the last version (0.1.31.beta9). I had to add `protect_from_forgery with: :null_session` on ApplicationController.

@lynndylanhurley
Owner

I'm not sure if this should be classified as a bug with this gem - I think that's a default Rails behavior.

But I'll leave this issue open as a reminder to make a note in the readme. Thanks @nicolas-besnard!

@marothstein

I am still getting an error even with the protect_from_forgery with: :null_session addition to ApplicationController. Without nulling out the session, I get an InvalidAuthenticityToken exception. When I include the above line, I'm given an error when something calls .downcase on a null object.

Any possibility that I can get some guidance on this one?

@nicolas-besnard
Contributor Author

Can you copy/paste your log file with the errors? Are you sending a request with JSON headers?

@marothstein

@nicolas-besnard - sorry about the delay. Here is the error output with trace for an unsuccessful registration call (when there are no parameters supplied).

Started POST "/api/auth/" for 67.188.113.228 at 2015-02-17 20:34:37 +0000
Processing by DeviseTokenAuth::RegistrationsController#create as */*
  Parameters: {"registration"=>{}}
Can't verify CSRF token authenticity
Completed 500 Internal Server Error in 78ms

NoMethodError (undefined method `downcase' for nil:NilClass):
  vendor/bundle/ruby/2.0.0/gems/devise_token_auth-0.1.31/app/controllers/devise_token_auth/registrations_controller.rb:12:in `create'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal/implicit_render.rb:4:in `send_action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/abstract_controller/base.rb:198:in `process_action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal/rendering.rb:10:in `process_action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/abstract_controller/callbacks.rb:20:in `block in process_action'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:117:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:117:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:151:in `block in halting_and_conditional'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:234:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:234:in `block in halting'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:219:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:219:in `block in halting_and_conditional'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `block in halting'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:234:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:234:in `block in halting'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `block in halting'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `block in halting'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `block in halting'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:169:in `block in halting'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:92:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:92:in `_run_callbacks'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:734:in `_run_process_action_callbacks'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:81:in `run_callbacks'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/abstract_controller/callbacks.rb:19:in `process_action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal/rescue.rb:29:in `process_action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/notifications.rb:164:in `block in instrument'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/notifications.rb:164:in `instrument'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal/instrumentation.rb:30:in `process_action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
  vendor/bundle/ruby/2.0.0/gems/activerecord-4.2.0/lib/active_record/railties/controller_runtime.rb:18:in `process_action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/abstract_controller/base.rb:137:in `process'
  vendor/bundle/ruby/2.0.0/gems/actionview-4.2.0/lib/action_view/rendering.rb:30:in `process'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal.rb:195:in `dispatch'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_controller/metal.rb:236:in `block in action'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/routing/route_set.rb:73:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/routing/route_set.rb:73:in `dispatch'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/routing/route_set.rb:42:in `serve'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/routing/mapper.rb:49:in `serve'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/journey/router.rb:43:in `block in serve'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/journey/router.rb:30:in `each'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/journey/router.rb:30:in `serve'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/routing/route_set.rb:802:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-cors-0.3.1/lib/rack/cors.rb:72:in `call'
  vendor/bundle/ruby/2.0.0/gems/warden-1.2.3/lib/warden/manager.rb:35:in `block in call'
  vendor/bundle/ruby/2.0.0/gems/warden-1.2.3/lib/warden/manager.rb:34:in `catch'
  vendor/bundle/ruby/2.0.0/gems/warden-1.2.3/lib/warden/manager.rb:34:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/etag.rb:24:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/conditionalget.rb:38:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/head.rb:13:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/params_parser.rb:27:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/flash.rb:260:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/session/abstract/id.rb:225:in `context'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/session/abstract/id.rb:220:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/cookies.rb:560:in `call'
  vendor/bundle/ruby/2.0.0/gems/activerecord-4.2.0/lib/active_record/query_cache.rb:36:in `call'
  vendor/bundle/ruby/2.0.0/gems/activerecord-4.2.0/lib/active_record/connection_adapters/abstract/connection_pool.rb:647:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:88:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:88:in `_run_callbacks'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:734:in `_run_call_callbacks'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/callbacks.rb:81:in `run_callbacks'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/callbacks.rb:27:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
  vendor/bundle/ruby/2.0.0/gems/railties-4.2.0/lib/rails/rack/logger.rb:38:in `call_app'
  vendor/bundle/ruby/2.0.0/gems/railties-4.2.0/lib/rails/rack/logger.rb:20:in `block in call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/tagged_logging.rb:68:in `block in tagged'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/tagged_logging.rb:26:in `tagged'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/tagged_logging.rb:68:in `tagged'
  vendor/bundle/ruby/2.0.0/gems/railties-4.2.0/lib/rails/rack/logger.rb:20:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/request_id.rb:21:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/methodoverride.rb:22:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/runtime.rb:18:in `call'
  vendor/bundle/ruby/2.0.0/gems/activesupport-4.2.0/lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
  vendor/bundle/ruby/2.0.0/gems/actionpack-4.2.0/lib/action_dispatch/middleware/static.rb:113:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/sendfile.rb:113:in `call'
  vendor/bundle/ruby/2.0.0/gems/railties-4.2.0/lib/rails/engine.rb:518:in `call'
  vendor/bundle/ruby/2.0.0/gems/railties-4.2.0/lib/rails/application.rb:164:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/lock.rb:17:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/content_length.rb:15:in `call'
  vendor/bundle/ruby/2.0.0/gems/rack-1.6.0/lib/rack/handler/webrick.rb:89:in `service'
  vendor/ruby-2.0.0/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
  vendor/ruby-2.0.0/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
  vendor/ruby-2.0.0/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'

@nicolas-besnard
Contributor Author

You didn't send any parameters. Did you use ng-token-auth? Are you doing the registration manually?

@marothstein

@nicolas-besnard Just closing the loop on this. Thanks for the support. I was not using ng-token-auth.

This is solved.

@lepek

lepek commented Mar 12, 2015

I think I can say I can reproduce this issue:

Without protect_from_forgery with: :null_session:

Started POST "/api/v1/auth/sign_in" for ::1 at 2015-03-12 01:30:38 -0300
Processing by Api::V1::SessionsController#create as */*
  Parameters: {"email"=>"mbianculli@gmail.com", "password"=>"[FILTERED]"}
Can't verify CSRF token authenticity
Completed 422 Unprocessable Entity in 3ms

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
  actionpack (4.2.0) lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'
  actionpack (4.2.0) lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
  devise (3.4.1) lib/devise/controllers/helpers.rb:251:in `handle_unverified_request'
  actionpack (4.2.0) lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'
  activesupport (4.2.0) lib/active_support/callbacks.rb:427:in `block in make_lambda'
  activesupport (4.2.0) lib/active_support/callbacks.rb:145:in `call'
  activesupport (4.2.0) lib/active_support/callbacks.rb:145:in `block in halting_and_conditional'
  activesupport (4.2.0) lib/active_support/callbacks.rb:169:in `call'
  activesupport (4.2.0) lib/active_support/callbacks.rb:169:in `block in halting'
  activesupport (4.2.0) lib/active_support/callbacks.rb:92:in `call'
  activesupport (4.2.0) lib/active_support/callbacks.rb:92:in `_run_callbacks'
  activesupport (4.2.0) lib/active_support/callbacks.rb:734:in `_run_process_action_callbacks'
  activesupport (4.2.0) lib/active_support/callbacks.rb:81:in `run_callbacks'
  actionpack (4.2.0) lib/abstract_controller/callbacks.rb:19:in `process_action'
  actionpack (4.2.0) lib/action_controller/metal/rescue.rb:29:in `process_action'
  actionpack (4.2.0) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
  activesupport (4.2.0) lib/active_support/notifications.rb:164:in `block in instrument'
  activesupport (4.2.0) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  activesupport (4.2.0) lib/active_support/notifications.rb:164:in `instrument'
  actionpack (4.2.0) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
  actionpack (4.2.0) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
  activerecord (4.2.0) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
  actionpack (4.2.0) lib/abstract_controller/base.rb:137:in `process'
  actionview (4.2.0) lib/action_view/rendering.rb:30:in `process'
  actionpack (4.2.0) lib/action_controller/metal.rb:195:in `dispatch'
  actionpack (4.2.0) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
  actionpack (4.2.0) lib/action_controller/metal.rb:236:in `block in action'
  actionpack (4.2.0) lib/action_dispatch/routing/route_set.rb:73:in `call'
  actionpack (4.2.0) lib/action_dispatch/routing/route_set.rb:73:in `dispatch'
  actionpack (4.2.0) lib/action_dispatch/routing/route_set.rb:42:in `serve'
  actionpack (4.2.0) lib/action_dispatch/routing/mapper.rb:49:in `serve'
  actionpack (4.2.0) lib/action_dispatch/journey/router.rb:43:in `block in serve'
  actionpack (4.2.0) lib/action_dispatch/journey/router.rb:30:in `each'
  actionpack (4.2.0) lib/action_dispatch/journey/router.rb:30:in `serve'
  actionpack (4.2.0) lib/action_dispatch/routing/route_set.rb:802:in `call'

With protect_from_forgery with: :null_session it works. I created a custom controller that extends the default DeviseTokenAuth::SessionsController and I added this. But I think it shouldn't be needed.
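
Added example, not part of the thread and not Rails or devise_token_auth code: a simplified Ruby model of the two `protect_from_forgery` strategies discussed above, showing why a token-less API POST is rejected under `:exception` but proceeds under `:null_session`, and that a request riding only on a session cookie gets no identity in either case. The `Request` struct, the `API_TOKENS` store and all sample values are constructed assumptions.

```ruby
# Simplified model of the protect_from_forgery strategies (constructed for
# illustration; this is not Rails or devise_token_auth source code).

class InvalidAuthenticityToken < StandardError; end

# A request as the CSRF filter sees it. Field names are hypothetical.
Request = Struct.new(:verb, :session, :csrf_param, :auth_headers, keyword_init: true)

# Constructed server-side token store standing in for per-user API tokens.
API_TOKENS = { "constructed-access-token" => "alice" }.freeze

# The check behind "Can't verify CSRF token authenticity": GET/HEAD are
# exempt, otherwise the submitted token must match the one in the session.
def verified_request?(req)
  return true if %w[GET HEAD].include?(req.verb)
  expected = req.session[:_csrf_token]
  !expected.nil? && req.csrf_param == expected
end

# Runs the CSRF filter with the given strategy, then resolves the identity
# the request acts as. Returns a user name or nil (anonymous).
def current_user_for(req, strategy:)
  session = req.session
  unless verified_request?(req)
    case strategy
    when :exception    then raise InvalidAuthenticityToken
    when :null_session then session = {} # cookie state ignored for this request
    else raise ArgumentError, "unknown strategy #{strategy}"
    end
  end
  # Header tokens are checked independently of the cookie session.
  API_TOKENS[req.auth_headers["access-token"]] || session[:user]
end

# Maps the result to a label so the cases can be compared side by side.
def outcome(req, strategy)
  current_user_for(req, strategy: strategy) || :anonymous
rescue InvalidAuthenticityToken
  :rejected_422
end

# Constructed sample requests.
COOKIE_SESSION = { user: "alice", _csrf_token: "constructed-csrf" }.freeze

# API sign-in as in the log above: no session, no CSRF token, no auth headers.
SIGN_IN = Request.new(verb: "POST", session: {}, csrf_param: nil, auth_headers: {})
# Later API call authenticated by header token only.
API_CALL = Request.new(verb: "POST", session: {}, csrf_param: nil,
                       auth_headers: { "access-token" => "constructed-access-token" })
# Cross-site POST carrying the victim's session cookie but no CSRF token.
COOKIE_ONLY = Request.new(verb: "POST", session: COOKIE_SESSION, csrf_param: nil,
                          auth_headers: {})
# Ordinary browser form post with a matching CSRF token.
FORM_POST = Request.new(verb: "POST", session: COOKIE_SESSION,
                        csrf_param: "constructed-csrf", auth_headers: {})

if __FILE__ == $PROGRAM_NAME
  { "sign-in" => SIGN_IN, "api call" => API_CALL,
    "cookie only" => COOKIE_ONLY, "form post" => FORM_POST }.each do |name, req|
    puts format("%-12s exception=%-14s null_session=%s", name,
                outcome(req, :exception), outcome(req, :null_session))
  end
end
```

Under `:null_session` the unverified request still reaches the controller as an anonymous request, so the action must cope with missing parameters itself, which is where the `downcase` on `nil` reported earlier in the thread surfaced.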

@ahmetabdi

Still happens, any update?

@zachfeldman
Contributor

Hi there @nicolas-besnard,

In an effort to clean up this project and prioritize a bit, we're marking issues that haven't had any activity in a while with a "close-in-7-days" label. If we don't hear from you in about a week, we'll be closing this issue. Obviously feel free to re-open it at any time if it's the right time or this was done in error!

If you are still having the issue (especially if it's a bug report) please refer to our new Issue Template to provide some more details to help us solve it.

Hope all is well.
