Keep getting "Can't verify CSRF token authenticity" error using Docker

[razvansadeanu]

This error has been bothering me for a few days, to give some context, I try to run klaxon locally using Docker but every time I try to log in using ADMIN_EMAIL I get error 422 ( Can't verify CSRF token authenticity. ActionController::InvalidAuthenticityToken (ActionController ::InvalidAuthenticityToken). To reproduce the error:

• clone the klaxon repo locally
• use the develop branch
• go to docker_example directory
• modify the env_local.list with your values ( I'm using SENDGRID for sending emails )
• also modify the port and password from docker-compose.yaml file
• run docker-compose up

env_local.list looks like this: DATABASE_URL=postgres://postgres:<my-pass>@db/klaxon ADMIN_EMAILS=admin@news.org RAILS_ENV=production SECRET_KEY_BASE=<my-secret-key> SMTP_PROVIDER=SENDGRID SENDGRID_USERNAME=apikey SENDGRID_PASSWORD=<my-sendgrid-key> MAILER_FROM_ADDRESS=neghy1997@gmail.com KLAXON_FORCE_SSL=false KLAXON_COMPILE_ASSETS=true

Important to mention:

• I'm using the latest klaxon image
• I cleared my browser's cookies before running
• I tried on multiple browsers ( Safari, Chrome, Mozilla) and same problem
• I changed RAILS_ENV to development but the same problem
• But when I changed RAILS_ENV to test I no longer receive an error and I receive the message "Email sent" also I can see the login link in my console, but when I enter it in the browser it redirects me back to the login page.

My questions:

• Is there a problem with running the program locally? do I need to do something extra to run it locally?
• Can it be because of my secret key? How can I make sure that the key is correct?
• Should I deploy it elsewhere? (e.g. EC2, Azure App Servive ..) Has anyone tried it?

[immewnity]

Try using master instead of develop - the develop branch is currently broken. I'm not sure if this'll fix your issue, but at the very least, will prevent other issues from occurring.

[razvansadeanu]

@immewnity thank you for quick answer, unfortunately, the same error on the master branch

[razvansadeanu]

The source of the error in my case was because I was NOT in an HTTPS environment. To fix the problem, I added traefik to the docker-compose file, here is a suggestive link