forked from OpenNeo/impress
fix issue with csrf_param in wardrobe ajax
Due to a silly slip-up involving Javascript object literal syntax, we were sending {csrf_param: "token"} instead of {authenticity_token: "token"} with wardrobe AJAX requests. This would cause users to be auto-logged-out for failing to provide a proper token. Oops.
This commit is contained in:
parent
686d6560c4
commit
abcf70a0c4
2 changed files with 13 additions and 2 deletions
|
@ -2,11 +2,18 @@ class OutfitsController < ApplicationController
|
||||||
before_filter :find_authorized_outfit, :only => [:update, :destroy]
|
before_filter :find_authorized_outfit, :only => [:update, :destroy]
|
||||||
|
|
||||||
def create
|
def create
|
||||||
|
Rails.logger.debug "Signed in?: #{user_signed_in?}"
|
||||||
|
Rails.logger.debug "User 1: #{current_user.inspect}"
|
||||||
@outfit = Outfit.build_for_user(current_user, params[:outfit])
|
@outfit = Outfit.build_for_user(current_user, params[:outfit])
|
||||||
|
Rails.logger.debug "User 2: #{current_user.inspect}"
|
||||||
if @outfit.save
|
if @outfit.save
|
||||||
|
Rails.logger.debug "User 3: #{current_user.inspect}"
|
||||||
render :json => @outfit.id
|
render :json => @outfit.id
|
||||||
|
Rails.logger.debug "User 4: #{current_user.inspect}"
|
||||||
else
|
else
|
||||||
|
Rails.logger.debug "User 5: #{current_user.inspect}"
|
||||||
render_outfit_errors
|
render_outfit_errors
|
||||||
|
Rails.logger.debug "User 6: #{current_user.inspect}"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,12 @@
|
||||||
(function () {
|
(function () {
|
||||||
var csrf_param = $('meta[name=csrf-param]').attr('content'),
|
var csrf_param = $('meta[name=csrf-param]').attr('content'),
|
||||||
csrf_token = $('meta[name=csrf-token]').attr('content');
|
csrf_token = $('meta[name=csrf-token]').attr('content'),
|
||||||
|
data = {};
|
||||||
|
|
||||||
|
data[csrf_param] = csrf_token;
|
||||||
|
|
||||||
$.ajaxSetup({
|
$.ajaxSetup({
|
||||||
data: {csrf_param: csrf_token}
|
data: data
|
||||||
});
|
});
|
||||||
})();
|
})();
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue