[ACCEPTED]-how to generate AuthenticityToken on rails-ruby-on-rails-3

Accepted answer
Score: 80

There is a view helper called form_authenticity_token that returns 2 the current session's authenticity token.

In 1 your view.html.erb:

 <form action="/blah" method="POST">
   <input name="authenticity_token" value="<%= form_authenticity_token %>" type="hidden">
   <input name="first_name" type="text">
Score: 9

This answer is first for rails form token tag in Google so to 3 keep it simpler for future googling generations: just 2 use token_tag, it's a helper defined in ActionView::Helpers::UrlHelper that returns 1 hidden input with form_authenticity_token as default value.

Score: 0

To generate the token you have to use the 4 method: form_authenticity_token as it was correctly noted by @flitzwald. Since 3 it is rediced in a active controller's concern, you 2 must include the module into a controller 1 expclicitly before using as follows:

include ActionController::RequestForgeryProtection

# use

def set_csrf_header
  response.headers['X-CSRF-Token'] = form_authenticity_token

More Related questions