Rails - Catch 'Invalid Authenticity Token' exception

Question

I'm currently using RESTful Authentication plug-in on my rails application.

There is a typical scenario when a user stays at login screen for enough time (let's say 1 day..) that makes the authentication token invalid due to time expire.

When this user tries the next day to login (he didn't refresh, he is still with this invalid token), he will get an "500" http error. Making the application crash for that request.

I'm wondering if it's possible to catch this expection and warn the user. Like any other innocent web user he just does back and tries again.. and again gets the same error...

Answer 1

In your application_controller.rb you'll do something like:

rescue_from Your::Exception, :with => :show_some_error_page

This will let you show some action, in this case show_some_error_page when an unhandled exception occurs.

I hope this helps.

Answer 2

If this happens often for a particular controller action, you could also disable authenticity token checking entirely for that action...

skip_before_filter :verify_authenticity_token, :only => [:create]