ActionController::InvalidAuthenticityToken in RegistrationsController#create

by

Per the comments in the core application_controller.rb, set protect_from_forgery to the following:

protect_from_forgery with: :null_session

Alternatively, per the docs, simply declaring protect_from_forgery without a :with argument will utilize :null_session by default:

protect_from_forgery # Same as above

UPDATE:

This seems to be a documented bug in the behavior of Devise. The author of Devise suggests disabling protect_from_forgery on the particular controller action that’s raising this exception:

# app/controllers/users/registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
  skip_before_filter :verify_authenticity_token, :only => :create
end

More Related Contents:

  1. Boolean Validation
  2. Share session (cookies) between subdomains in Rails?
  3. How to get a random number in Ruby
  4. rails – Devise – Handling – devise_error_messages
  5. Rails 4: List of available datatypes
  6. Rails 4 Authenticity Token
  7. Rails association with multiple foreign keys
  8. Add Custom Field/Column to Devise with Rails 4
  9. How to configure Google Domains + Heroku w a Naked Domain
  10. Heroku/devise – Missing host to link to! Please provide :host parameter or set default_url_options[:host]
  11. Rails update_attributes without save?
  12. ERROR: Failed to build gem native extension on Mavericks
  13. Rails 4: assets not loading in production
  14. “bin/rails: No such file or directory” w/ Ruby 2 & Rails 4 on Heroku
  15. Redis + ActionController::Live threads not dying
  16. Rails: PG::UndefinedTable: ERROR: relation “…” does not exist
  17. Rails Observer Alternatives for 4.0
  18. Rails 4.0 Strong Parameters nested attributes with a key that points to a hash
  19. Adding extra registration fields with Devise
  20. Rails 4 – checkboxes for has_and_belongs_to_many association
  21. Rails 4: Why are fonts not loading in production?
  22. Setting session length with Devise
  23. ActionMailer not sending mail in development Rails 4
  24. strong parameters permit all attributes for nested attributes
  25. Rails Devise: after_confirmation
  26. How can I redirect a user’s home (root) path based on their role using Devise?
  27. Changing the default date and time format in Rails 4
  28. How to integrate a Wrap Bootstrap theme into an Rails application?
  29. Rails 4.0 with Devise. Nested attributes Unpermited parameters
  30. Is the server running on host “localhost” (::1) and accepting TCP/IP connections on port 5432?

Leave a Comment