I have a Rails API backend with Angular frontend. Of course, it was all good while playing in development.
The app is deployed using nginx+passenger, with the compiled angular content (dist dir) is simply put in the Rails public dir. I repeatedly get 422 error, as the rails server Can't verify CSRF token.
I have installed the angular_rails_csrf gem, also added the following line to application.rb:
config.angular_rails_csrf_cookie_name = 'X-XSRF-TOKEN'
but it still doesn't work. Obviously it works just fine when setting skip_before_action :verify_authenticity_token in the app controller but that's just stupid.
I have tried various solutions, none of them helped. Anybody got an idea how to overcome this?
System info:
- Ruby version 2.6.5
- Rails version 6.0.2.1
- Angular version 9.1.0