I’ve just updated my dev instance and I can’t log in anymore.
The debug console says: POST http://localhost:3000/session 403 (Forbidden)
.
The log file says:
Can't verify CSRF token authenticity.
Rendering text template
Rendered text template (Duration: 0.1ms | Allocations: 3)
Filter chain halted as :verify_authenticity_token rendered or redirected
Completed 403 Forbidden in 39ms (Views: 38.2ms | ActiveRecord: 0.0ms | Allocations: 2987)
There are several topics about this issue on Meta, but they all deal with bad nginx settings. I don’t use any reverse proxy, I only use the standard dev instance on Win 10 WSL (puma on localhost:3000).
I’ve reinstalled Discourse entirely, but still the same problem. I tried SiteSetting.force_https = false
in the rail console: doesn’t solve the issue.
Any advice?