I have a method in my UsersController called login.
def login
update_all_users_who_are_not_web_to_device_identifier_as_blank
user = User.find_by_jabber_id(params[:jabber_id])
user.update(device_identifier: params[:device_identifier])
render nothing: true
end
And when I call this method from my mobile, I get an error.
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
But why don’t I get errors on other actions when called from the mobile? Doing something like this
protect_from_forgery except: :login
made the error go away. I looked at this http://stackoverflow.com/questions/16258911/rails-4-authenticity-token
but didnt understand much what was going on. Or is it because login is a post request and thats why this method expects the form to pass an authenticity token?
I think this could be the only reason. But am I right in assuming this?