Rails:ActionController :: InvalidAuthenticityToken
[英]Rails: ActionController::InvalidAuthenticityToken
问题描述
I'm currently working on a project involving users, likes, and posts. 
我目前正在从事一个涉及用户,喜欢和帖子的项目。 I have a like/unlike button that I finally got to work some of the time, but on certain user's profiles when I go to unlike a post, I get thrown this error, which says that it is coming from my destroy action in my likes controller: 我有一个喜欢/不喜欢的按钮,有时候我终于可以工作了,但是当我去某个帖子时,在某些用户的个人资料上,我抛出了这个错误,该错误表示它来自我的喜欢中的destroy动作。控制器:
ActionController::InvalidAuthenticityToken
I'm using devise, but don't know if that has to do with the cause of the issue. 我正在使用devise,但不知道这是否与问题的原因有关。
Right now this is what I'm working with: 现在,这就是我正在使用的:
<h4>All of <%= @user.email %>'s posts:</h4>
<% @user.posts.order('created_at DESC').each do |post| %>
<li><%= post.content %></li>
<% unless current_user.likes.pluck(:post_id).include?(post.id) %>
<%= form_tag likes_path do %>
<%= hidden_field_tag 'post_id', post.id %>
<%= submit_tag "Like", :class => "like_button" %>
<% end %>
<% else %>
<% like = post.likes.where(user_id: current_user.id).first %>
<div class="unlike_button">
<%= form_tag like_path(like) do %>
<%= hidden_field_tag 'post_id', post.id %>
<%= button_to "Unlike", like_path(post), method: :delete %>
</div>
<% end %>
class LikesController < ApplicationController
def create
@post = Post.find(params[:post_id])
@like = Like.new(user_id: current_user.id, post_id: @post.id)
if @like.save
flash[:success] = "Post Liked!"
redirect_back(fallback_location: root_path)
else
flash[:notice] = "Couldn't like post"
redirect_back(fallback_location: root_path)
end
end
def destroy
@like = Like.find(params[:id])
@like.destroy
flash[:success] = "Post unliked"
redirect_back(fallback_location: root_path)
end
end 结束
class PostsController < ApplicationController
def index
@posts = Post.all
@user = User.find(params[:user_id])
end
def new
@post = Post.new
@user = User.find(params[:user_id])
end
def create
@post = current_user.posts.build(post_params)
if @post.save
flash[:success] = "Posted!"
redirect_to user_path(current_user)
else
flash[:notice] = "Post could not be submitted"
redirect_to users_path
end
end
private
def post_params
params.require(:post).permit(:content)
end
end
3 个解决方案
解决方案1
3 2016-09-21 01:31:23
There is a comment in application_controller.rb .. application_controller.rb有一条评论。
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
so ,you may try changing.. 因此,您可以尝试更改。
protect_from_forgery with: :exception
to this 对此
protect_from_forgery with: :null_session
Hope it helps :) 希望能帮助到你 :)
解决方案2
0 2016-09-20 23:38:44
I think I have figured it out.. At least have gotten it to work. 我想我已经解决了。至少已经使它起作用了。 I wasusing a form_for helper as well as button_to helper. 我在使用form_for帮助器以及button_to帮助器。 I deleted the form_for helper and just stuck with 我删除了form_for助手,只是坚持
<%= button_to "Unlike", like_path(like), method: :delete %>
and it is now working 现在正在工作
解决方案3
0 2018-10-25 22:36:03
What helps me solve this problem is adding the Forward Slash in the URL 帮助我解决此问题的方法是在URL中添加正斜杠
From: 从:
= bootstrap_form_tag url: 'signup_with_phone' do |form|
To: 至:
= bootstrap_form_tag url: '/signup_with_phone' do |form|
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.