I’ve just updated my dev instance and I can’t log in anymore.
The debug console says:
POST http://localhost:3000/session 403 (Forbidden).
The log file says:
Can't verify CSRF token authenticity. Rendering text template Rendered text template (Duration: 0.1ms | Allocations: 3) Filter chain halted as :verify_authenticity_token rendered or redirected Completed 403 Forbidden in 39ms (Views: 38.2ms | ActiveRecord: 0.0ms | Allocations: 2987)
There are several topics about this issue on Meta, but they all deal with bad nginx settings. I don’t use any reverse proxy, I only use the standard dev instance on Win 10 WSL (puma on localhost:3000).
I’ve reinstalled Discourse entirely, but still the same problem. I tried
SiteSetting.force_https = false in the rail console: doesn’t solve the issue.