verify_authenticity_token has not been defined

Question

Ruby version 2.2.4, Rails version 5.0.0.1.

I'm getting stuck at a part of a tutorial where you test login with curl. I get an error

ArgumentError (Before process_action callback: verify_authenticity_token has not been defined).

I used this code in sessions_controller:

skip_before_action :verify_authenticity_token, :if => Proc.new { |c| c.request.format == 'application/json' } 

Does somebody know the answer?

Answer 1

Check if your ApplicationController has a call to protect_from_forgery as follows:

class ApplicationController < ActionController::Base   protect_from_forgery with: :exception end 

Essentially calling protect_from_forgery adds verify_authenticity_token to the before_filter list, which you can skip in the other controllers.

Refer to protect_from_forgery documentation for more info.

Answer 2

After upgrading to Rails 5, I hit this error. I discovered that if skip_before_action is called multiple times with the same method name, this exception will be raised.

My fix was to add the parameter raise: false, to the second time skip_before_filter was called.

So it would look like this in the Application Controller:

skip_before_action :your_method_name, raise: false