POST request using CURL for Rails App

Question

This question has been asked by many of users and I have tried all solutions but none of them have worked for.for ex: This Question here curl json post request via terminal to a rails app but still the same result.

I am trying to POST data through terminal using CURL by running this command:

curl -i -H 'Authorization: Token token'="9asdadsasd87t8ddaghsd" -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"request":{"sender_mobile":"12331212","recipient_mobile":"121231231","location":"Bangalore"}}'  http://localhost:3000/api/v1/requests

and Getting reponse:

HTTP/1.1 422 Unprocessable Entity 
Content-Type: text/html; charset=utf-8
Content-Length: 15450
X-Request-Id: f1025e69-9ff3-4bd1-9bd5-0679fbcc50bc
X-Runtime: 0.062784
Server: WEBrick/1.3.1 (Ruby/2.1.1/2014-02-24)
Date: Thu, 08 Jan 2015 10:35:45 GMT
Connection: Keep-Alive

with so much lines of garbage but I guess this response is sufficient to understand what might be the cause.Here is the link to complete error http://pastebin.com/n342HeYL

I am able to do GET request successfully with command:

curl -i 'http://localhost:3000/api/v1/requests' -H 'Authorization: Token token'="952aa4598ec2cd87c8b69056616a00af"

Response:

HTTP/1.1 200 OK 
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: application/json; charset=utf-8
Etag: "b956523e0345d2bb466d39823195b600"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 91d21235-246f-4557-a67a-92dca02b9cc1
X-Runtime: 0.011781
Server: WEBrick/1.3.1 (Ruby/2.1.1/2014-02-24)
Date: Thu, 08 Jan 2015 10:51:55 GMT
Content-Length: 486
Connection: Keep-Alive

So, I dont know whats wrong in POST request.

Here is my request_controller.rb file

module Api
  module V1
    class RequestsController < ApplicationController
      # skip_before_action :verify_authenticity_token
      before_filter :restrict_access

      respond_to :json

      def index
        respond_with Request.all
      end

      def show
        respond_with Request.find(params[:id])
      end

      def create
        respond_with Request.create(params[:request])
      end

      def update
        respond_with Request.update(params[:id], params[:request])
      end

      def destroy
        respond_with Request.destroy(params[:id])
      end

      private

      def restrict_access
        authenticate_or_request_with_http_token do |token, options|
          ApiKey.exists?(access_token: token)
        end
      end
    end
  end
end

Answer 1

With respect to the conversation above, let me write an answer.

If you see a form in rails, it will have a line as mentioned below

<input name="authenticity_token" type="hidden" value="+wFCV3kv0X/WI0qb54BgYlDzi+Tp+6HIGM61a4O6gg0=">

Now, if in ApplicationController you have this line protect_from_forgery then it would always expect authenticity_token and if its not available, it will throw the error thats mentioned in your logs hence I suggested to remove that line because you won't be passing an authenticity_token as a param from you api POST requests.

The reason why your get request is working just fine is because rails doesn't expect authenticity_token on a GET request.

Now, you said you removed protect_from_forgery but you got an internal server error, well that has to be handled by you as it has got nothing to do with GET or POST request but it is an error in your rails application. So solve that error and it should work just fine. Or also post the error log here so may be I can help you with that.

EDIT: Solution to your internal server 500 error

With the logs pasted below, it is also necessary that you allow the attributes in your controller, just as @abhinay mentioned in the code.

Hope that helps