Commit graph

5 commits

Author SHA1 Message Date
blackst0ne
6fef87f17f [Rails5] Force the protect_from_forgery callback run first
Since Rails 5.0 the `protect_from_forgery` callback doesn't run first by
default anymore. [1]

Instead it gets inserted into callbacks chain where callbacks get
called in order.

This commit forces the callback to run first.

[1]: 3979403781
2018-06-21 21:44:31 +11:00
Douwe Maan
d020eabf29 Add log messages to clarify log messages about API CSRF token verification failure 2017-07-28 15:39:39 +02:00
Douwe Maan
dcf4a2e83c Rescue only from ActionController::InvalidAuthenticityToken 2017-07-26 11:25:10 +02:00
blackst0ne
cc3a82bc8b Add rescue false. 2017-07-26 11:05:44 +02:00
blackst0ne
8ce8b21f67 Refactor CSRF protection 2017-07-26 11:05:44 +02:00
Renamed from lib/omni_auth/request_forgery_protection.rb (Browse further)