|I just upgraded to rails 2.0.2 and I’m having a problem when I switch
from cookie based sessions to ActiveRecord based sessions.
Apparently my login form which worked under rails 1.2.6 no longer
includes the proper authentication token necessary for
protect_from_forgery.
There are a number of people who appear to have this problem and I’ve
seen suggestions indicating I need to include <%= token_tag %>. But
token_tag is a private method and as far as I can tell, is being called.
So how do I get the form_tag to work properly under rails 2.0.2?
This is what I currently have:
<p> Please enter your username and password to access the site.</p>
<% form_tag :action => 'login' do -%>
<p><label for="login_name">Name</label><br/>
<%= text_field 'login', 'name' %></p>
<p><label for="login_password">Password</label><br/>
<%= password_field 'login', 'password' %></p>
<%= submit_tag "Login" %>
<% end -%>
TIA
EMS
|