I recently migrated a Rails 2 app to Rails 3 and switched to Devise in
the process. It is working well apart from one strange phenomenon.
When I do redirects using javascript the user is logged out. Has
anyone experienced something similar?
Yes, the problem is the authenticity token needs to be passed along
with your data. There are various ways of doing this depending on your
js library. Here’s how to access the data you need using prototype:
var csrf_param = $$(‘meta[name=csrf-param]’)[0].content;
var csrf_token = $$(‘meta[name=csrf-token]’)[0].content;
Hmm, I found out how to do it in jQuery (just use one $ instead of
two) but I cannot get it to work. How should I include that in the js
call to make it not log out? I have this in my controller: