avoid csrf errors with github logins

librariesio · Jul 19, 2016 · 19a2ae5 · 19a2ae5
1 parent 3f6e93b
commit 19a2ae5
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -1,7 +1,5 @@
 class SessionsController < ApplicationController
-  unless Rails.env.production?
-    skip_before_action :verify_authenticity_token, only: [:create]
-  end
+  skip_before_action :verify_authenticity_token, only: [:create, :failure]
 
   def new
     session[:pre_login_destination] = params[:return_to] if params[:return_to].present?