Devise error - ActionController::InvalidAuthenticityToken

0
votes

Got problem in devise logout while admin and user logged in same page

For example i logged as user in chrome browser and logged as admin in the same browser,when i logged out of admin session the user session is automatically logged out and redirect to sign in page.
When i try to login as user it's successfully logged in and goes to the admin login page and try to log-in it shows -

ActionController::InvalidAuthenticityToken
1
ruby-on-railsdevise
Are you trying to say you can't log in as user and admin on different browsers at the same time ? - Caffeine Coder
when admin and user log in there is no problem, when i log out the admin or user the next is also logout automatically. - Mahesh Yadav
You can not create two login sessions for the same application in same browser. - APS

1 Answers

0
votes

I had the same problem today. Just in case, I would like to share one solution I found. I got this idea after reading this issue in device repo: https://github.com/plataformatec/devise/issues/3461

class Identities::SessionsController < Devise::SessionsController

  rescue_from ActionController::InvalidAuthenticityToken, with: :force_log_out

  #...

  def force_log_out
    return unless params[:action] == 'destroy'

    puts "rescued ActionController::InvalidAuthenticityToken"
    puts "force log out and redirect back to '/'"
    sign_out_all_scopes
    redirect_to '/'
  end

  # ...

I do not know if this is the best solution. If anybody has other solutions, I would like to learn them.