部署 Rails + Puma + Nginx,遇到 Can't verify CSRF token authenticity.问题
部署生产环境问题
http 的请求没有问题,https 的请求存在如下问题:
- nginx 配置
https + http
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name backend.sgxcycl.com;
return 301 https://$server_name$request_uri;
}
*PUMA 配置
默认配置
proxy_pass http://puma_production;
- 错误
I, [2017-10-28T22:05:44.231048 #30235] INFO -- : [e6644d2d-c302-47dd-8cfb-a9af5a01ea5d] Started POST "/sessions" for 219.143.191.96 at 2017-10-28 22:05:44 +0800
I, [2017-10-28T22:05:44.232144 #30235] INFO -- : [e6644d2d-c302-47dd-8cfb-a9af5a01ea5d] Processing by SessionsController#create as HTML
I, [2017-10-28T22:05:44.232231 #30235] INFO -- : [e6644d2d-c302-47dd-8cfb-a9af5a01ea5d] Parameters: {"utf8"=>"✓", "authenticity_token"=>"lB/ac6c3JA+4I6LpstisiCm2ODPEJh6Iy2YrAjlJvvO7ayB9B4HpjDxHmda2NTJzRdrapIv1VqbjjKWamzOnoA==", "phone"=>"xxxx", "password"=>"[FILTERED]"}
W, [2017-10-28T22:05:44.232397 #30235] WARN -- : [e6644d2d-c302-47dd-8cfb-a9af5a01ea5d] Can't verify CSRF token authenticity.
- 另:各位如何解决 rails 内部 redirect_to 和 https 的问题呢?
