Set CSRF With AngularJS And Rails

One common problem with AngularJS and Rails integration is getting the CSRF protection working.

You can implement it yourself as described below or add a gem that provides this angular_rails_csrf


# app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery
  after_filter :set_csrf_cookie_for_ng

  protected

  # In Rails 4.2 and above
  def verified_request?
    super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
  end

  # In Rails 4.1 and below
  def verified_request?
    super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
  end

  private

  def set_csrf_cookie_for_ng
    cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
  end
end

Contact

604-309-8713
info@solidfoundationwebdev.com

Send Me A Message

I would love to get in touch and talk about your next project. Feel free to send a message and I will get back to you shortly.

Get Connected

Contact