ActionController::InvalidAuthenticityToken error in rails

Question

I wanted to add some custom fields to devise authentication, so I followed a tutorial and did some changes. I unpacked the devise gem, added the fields to the views, and devise controller. I added the fields "first_name" and "last_name" to my users table. The changes didn't work. So I didn't want to spend much time on that, so I wanted to move on, I removed all the code I added to the devise gem sourcecode, created a migration to remove first_name, and last_name from users. Everything looked fine, I can move about on the site and everything. But as soon as I try to sign out, I get this error: In the command line, the error also says "can't verify CSRF token auhtenticity"

This is the code I have in my layout view navbar for the user to sign out:

    <% if user_signed_in? %>
        <li><%= link_to "Sign out", destroy_user_session_path, method: :delete %></li>
    <%else%>
        <li> 
            <%= link_to "sign up" , new_user_registration_path %>
        </li>
        <li>
            <%= link_to "Log in", new_user_session_path%>
        </li>
    <%end%>

I restarted the server and all that. The user is still signed in. I can't do anything to sign out. Is there a way to fix this?

Possible duplicate of [How can I sign out a devise user from the Rails console?](https://stackoverflow.com/questions/28935054/how-can-i-sign-out-a-devise-user-from-the-rails-console) — Amin Shah Gilani, Jun 04 '17 at 06:08
Firstly, there was no need to unpack the the gem and manipulate it..there are very simple ways available to `override` views and controllers of devise..try going your last commit (without devise) create new branch and bundle the gem..fresh start. — Md. Farhan Memon, Jun 04 '17 at 07:30

score -1 · Answer 1 · answered Jun 03 '17 at 22:16

-1

To destroy a user session in devise, you have to do the following:

<%= link_to "Logout", destroy_user_session_path, :method => :delete %>

the hash ':method' will trigger delete action and sign the user out and destroy current session. Make sure your pointing to your "destroy_user_session_path", or the path you specified. You should be able to see what the name of the path is by using "rails routes" or "rake routes" command depending on what version of rails you're using.

Hope this helps.

answered Jun 03 '17 at 22:16

Joseph Borne

257
2
11

1

That is not the answer to the question I'm afraid. – Eyeslandic Jun 03 '17 at 22:30
Hey man, i understand. It was working before I did the changes. – Dinukaperera Jun 03 '17 at 23:11
@Dinukaperera ok. Nice job. :) – Joseph Borne Jun 03 '17 at 23:38

ActionController::InvalidAuthenticityToken error in rails

1 Answers1