Login - Can't verify CSRF token authenticity

Steve_Ng · March 17, 2016, 9:07am

Hi, when I am logging in, sometimes I get this error. It would result in me unable to login at all. Any idea how does this error come from?

This result in the inability to even login to discourse.

I, [2016-03-17T17:05:20.078871 #4141]  INFO -- : Started POST "/session" for 127.0.0.1 at 2016-03-17 17:05:20 +0800
I, [2016-03-17T17:05:20.134365 #4141]  INFO -- : Processing by SessionController#create as */*
I, [2016-03-17T17:05:20.136184 #4141]  INFO -- :   Parameters: {"login"=>"xx@gmail.com", "password"=>"[FILTERED]"}
W, [2016-03-17T17:05:20.137855 #4141]  WARN -- : Can't verify CSRF token authenticity
I, [2016-03-17T17:05:20.139322 #4141]  INFO -- :   Rendered text template (0.0ms)
I, [2016-03-17T17:05:20.140774 #4141]  INFO -- : Filter chain halted as :verify_authenticity_token rendered or redirected
I, [2016-03-17T17:05:20.142685 #4141]  INFO -- : Completed 403 Forbidden in 5ms (Views: 1.6ms | ActiveRecord: 0.0ms)

Steve_Ng · March 18, 2016, 1:32am

For the reference of the other folks who might have this problem:

I have initially set config.assets.prefix = ‘/’

Changing the asset directory to anything but / would solve this.

Topic		Replies	Views
Can't Login to Discourse - CSRF Token Authenticity support	1	3178	June 28, 2017
403 Forbidden error while enabling / disabling theme component support	3	190	September 14, 2023
Users can't sign in due to 403 error installation	12	3677	April 24, 2018
Error 403 (Forbidden) in dev instance dev	1	608	March 3, 2020
[API] "Can't verify CSRF token authenticity" when attempting to update avatar for user dev rest-api	0	692	September 8, 2022

Login - Can't verify CSRF token authenticity

Related Topics