Note to always skip the authenticity check
This commit is contained in:
parent
d7124ba525
commit
8ae62e54f4
|
@ -94,7 +94,8 @@ something like this:
|
||||||
|
|
||||||
```ruby
|
```ruby
|
||||||
class SessionsController < ApplicationController
|
class SessionsController < ApplicationController
|
||||||
skip_before_action :verify_authenticity_token, only: :create unless Rails.env.production?
|
# If you're using a strategy that POSTs during callback, you'll need to skip the authenticity token check for the callback action only.
|
||||||
|
skip_before_action :verify_authenticity_token, only: :create
|
||||||
|
|
||||||
def create
|
def create
|
||||||
@user = User.find_or_create_from_auth_hash(auth_hash)
|
@user = User.find_or_create_from_auth_hash(auth_hash)
|
||||||
|
|
Loading…
Reference in New Issue