I was using devise and omniauth to “login with google/yahoo” to a site I’m building. It worked fine, but now I came back some days later and it does not work anymore, it throws this in the logs: WARNING: Can’t verify CSRF token authenticity
“login with facebook” works fine.
What could have changed? I don’t remember touching anything. Maybe I ran bundle install and something changed.
Any ideas on how to fix this?
CSRF token is something Rails renders into forms on HTML pages. Then when the form is submitted, the token is checked against your session. Yahoo won’t have a session to check; you probably need to have the Yahoo callback provide a key that you can check explicitly, in the callback it invokes, and then skip_before_filter :verify_authenticity_token for it.
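One way to do the explicit key check described in the answer above, as an added example that is not part of the original thread. It assumes the provider echoes a `state` parameter back to the callback; the helper names and session key are hypothetical, and a plain Hash stands in for the Rails session.

```ruby
require "securerandom"

# Hypothetical session key under which the expected value is stored.
STATE_KEY = :provider_callback_state

# Before redirecting to the provider: mint a random key, remember it in the
# session, and send it along so it comes back with the callback request.
def issue_callback_state(session)
  session[STATE_KEY] = SecureRandom.urlsafe_base64(32)
end

# Compare two strings without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# In the callback action, which is the only action that should skip the
# form-token check, e.g.
#   skip_before_filter :verify_authenticity_token, only: [:callback]
# (:callback is a hypothetical action name). The request is accepted only if
# it carries the key that was stored in this browser's session.
def callback_state_valid?(session, params)
  expected = session.delete(STATE_KEY) # one-time use, consumed even on failure
  supplied = params["state"]
  return false unless expected.is_a?(String) && supplied.is_a?(String)
  secure_equal?(expected, supplied)
end

# Constructed sample run.
if __FILE__ == $PROGRAM_NAME
  session = {}
  state = issue_callback_state(session)
  puts callback_state_valid?(session, { "state" => state }) # genuine callback
  puts callback_state_valid?(session, { "state" => state }) # replayed callback
end
```

With this in place the callback is still bound to the session that started the login, even though the Rails form token is not checked for that action.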