Contents

module VerifyCsrfToken
  extend ActiveSupport::Concern

  included do
    before_action :set_csrf_cookie

    rescue_from ActionController::InvalidAuthenticityToken do
      redirect_back fallback_location: "/", notice: "The page expired, please try again."
    end
  end

  def request_authenticity_tokens
    super << request.headers["HTTP_X_XSRF_TOKEN"]
  end

  private

  def set_csrf_cookie
    cookies["XSRF-TOKEN"] = {
      value: form_authenticity_token,
      same_site: "Strict"
    }
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version	Path
kaze-0.4.0	stubs/inertia-common/app/controllers/concerns/verify_csrf_token.rb
kaze-0.3.0	stubs/inertia-common/app/controllers/concerns/verify_csrf_token.rb
kaze-0.2.0	stubs/default/app/controllers/concerns/verify_csrf_token.rb
kaze-0.1.0	stubs/default/app/controllers/concerns/verify_csrf_token.rb