You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is there any configuration for a rails api only app? ie: an app generated with the --api flag.
When I make a post request to my api-only app, I get the following response:
Started POST "/users" for ::1 at 2020-05-03 16:00:30 -0400
Processing by Clearance::UsersController#create as */*
Parameters: {"user"=>{"email"=>"example@example.com", "password"=>"[FILTERED]"}}
(0.0ms) begin transaction
User Exists? (0.1ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = ? LIMIT ? [["email", "example@example.com"], ["LIMIT", 1]]
User Create (1.6ms) INSERT INTO "users" ("created_at", "updated_at", "email", "encrypted_password", "remember_token") VALUES (?, ?, ?, ?, ?) [["created_at", "2020-05-03 20:00:30.731133"], ["updated_at", "2020-05-03 20:00:30.731133"], ["email", "example@example.com"], ["encrypted_password", "$2a$12$MJPN4rKBlAlecrzb.cK6QendHfBM1koy2xhVCRbMaMh/wAzyHZpIi"], ["remember_token", "617b695d8db3bfaf102c70a695ae83685045caed"]]
(0.6ms) commit transaction
Completed 500 Internal Server Error in 298ms (ActiveRecord: 2.3ms | Allocations: 83913)
NameError (undefined local variable or method `form_authenticity_token' for #<Clearance::UsersController:0x00007ff26c2d8d70>):
How can I resolve this issue?
Steps to reproduce:
rails new authtest --api
Install clearance gem
rails g clearance:install
post request to '/users' with params: {"user"=>{"email"=>"example@example.com", "password"=>"asdf1234"}}
Are there any plans to make a config.api_only = true clearance config option that would render json instead of redirects and flashes and fix some of these csrf issues?
The text was updated successfully, but these errors were encountered:
Thanks for submitting your issue. Clearance is not really built to support API mode out the box. It may be possible but will require some amount of configuration on the application side. We don't currently have any plans to offer an api only configuration option.
You can set Configuration.rotate_csrf_on_sign_in to false to bypass the code that is giving you this particular error:
Is there any configuration for a rails api only app? ie: an app generated with the
--api
flag.When I make a post request to my api-only app, I get the following response:
How can I resolve this issue?
Steps to reproduce:
rails new authtest --api
rails g clearance:install
{"user"=>{"email"=>"example@example.com", "password"=>"asdf1234"}}
Are there any plans to make a
config.api_only = true
clearance config option that would render json instead of redirects and flashes and fix some of these csrf issues?The text was updated successfully, but these errors were encountered: