Hi everyone,
I am reading and learning from this very cool book Railspace - Building Social Networking sites.
I understand everything but i am stuck with the sessions section. Its something i would really like to get under my belt and would appreciate any help!
Ok so here is the error i get:
ActionController::InvalidAuthenticityToken in User#register
No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store).
Extracted source (around line #2):
1: <h2>Register</h2>
2: <% form_for :user do |form| %>
3:
4: <fieldset>
5: <legend>Enter Your Details</legend>
d:/Ruby/lib/ruby/gems/1.8/gems/actionpack-2.2.2/lib/action_controller/request_forgery_protection.rb:115:in `form_authenticity_token'
(eval):2:in `send'
(eval):2:in `form_authenticity_token'
app/views/user/register.html.erb:2
My register.html.rb (or register.rhtml) file looks like this:
# Your secret key for verifying cookie session data integrity.
# If you change this key, all old sessions will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
config.action_controller.session = {
:session_key => '_rails_space_session',
:secret => '85b34bcc08e24fe0988c46e70c5f38e6a1b689be0a919e75ad433048e638678bae3df444bf2065327be5ebd30c099610e179e8461a5318509df584883d456ff3'
}
# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
# (create the session table with "rake db:sessions:create")
config.action_controller.session_store = :active_record_store
I've run the command:
rake db:sessions:create
^The above command simple generates an Active Record class CreateSessions (simple enough right?)
What do i need to do here to get away from this nasty little error? How do i disable the secret question (I have tried but no luck yet) ;-)