Logging out returns Can't verify CSRF token authenticity

Question

I am able to login and logout most of the time, but sometimes during logging out I am returned with this error as stated below and I am not logged out.

Can't verify CSRF token authenticity.
User excluded error: #<ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken>

It doesn't happen always that I am not able to logout but when I am not able to logout above is the error which I get. I read about it this is what I have done so far. I am using vuejs on my front end and rails on the backend. I am using rails version 5.1.

application_controller.rb

protect_from_forgery with: :exception

application.html.erb

<%= csrf_meta_tags %>

this is the axios request I am making to logout the user

index.vue

logout() {
 this.$axios.delete('/users/sign_out').then(function(response) {
  console.log("Logged out")
 });
}

Please help me resolve this issue

Armand Fardeau · Answer 1 · 2021-05-05T15:48:31.427

0

You may need to add the csrf_meta_tags to the request

In your case, the csrf_meta_tags in application.html.erb is not re-rendered.

edited May 05 '21 at 15:48

answered May 05 '21 at 15:37

Armand Fardeau

88
9

Here if found something which can be useful: https://stackoverflow.com/questions/54808071/cant-verify-csrf-token-authenticity-rails-react – Armand Fardeau May 05 '21 at 15:48
isnt csrf required only during login request? – user12763413 May 05 '21 at 16:16
CSRF token is required for every non-GET request (the default behavior). – Jagdeep Singh May 05 '21 at 17:37
@JagdeepSingh can you help me with how can I add the csrf token with the request. – user12763413 May 05 '21 at 18:00
Maybe this can be useful: https://stackoverflow.com/questions/22063612/adding-csrftoken-to-ajax-request – Armand Fardeau May 05 '21 at 19:43

Logging out returns Can't verify CSRF token authenticity

1 Answers1