diff --git a/Gemfile.lock b/Gemfile.lock index 3f441bf..d34a7e5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -83,15 +83,17 @@ GEM method_source (0.9.2) mimemagic (0.3.4) mini_mime (1.0.2) - mini_portile2 (2.4.0) + mini_portile2 (2.5.0) minitest (5.14.0) msgpack (1.3.1) nio4r (2.5.2) - nokogiri (1.10.7) - mini_portile2 (~> 2.4.0) + nokogiri (1.11.2) + mini_portile2 (~> 2.5.0) + racc (~> 1.4) pg (1.2.2) puma (4.3.1) nio4r (~> 2.0) + racc (1.5.2) rack (2.1.2) rack-cors (1.1.1) rack (>= 2.0.0) diff --git a/app/controllers/api/v1/registrations_controller.rb b/app/controllers/api/v1/registrations_controller.rb index 0c3a6b2..4b067c6 100644 --- a/app/controllers/api/v1/registrations_controller.rb +++ b/app/controllers/api/v1/registrations_controller.rb @@ -1,5 +1,6 @@ module Api::V1 class RegistrationsController < ApplicationController + skip_before_action :verify_authenticity_token def create user = User.create!( first_name: params['first_name'], diff --git a/app/controllers/concerns/application_controller.rb b/app/controllers/concerns/application_controller.rb index 59368ca..9aa95e0 100644 --- a/app/controllers/concerns/application_controller.rb +++ b/app/controllers/concerns/application_controller.rb @@ -5,6 +5,8 @@ class ApplicationController < ActionController::Base after_action :short_session + Rails.application.config.action_controller.forgery_protection_origin_check = false + def short_session request.session_options = request.session_options.dup request.session_options[:expire_after] = 14.days diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index 64e40c7..0f32dd7 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -7,7 +7,7 @@ Rails.application.config.middleware.insert_before 0, Rack::Cors do allow do - origins 'https://winnow-client.herokuapp.com' + origins '*', 'https://winnow-client.herokuapp.com', 'http://winnow-client.herokuapp.com' resource '*', headers: :any,