У меня sails версии 0.12.3
Forbidden
CSRF mismatch
/**
* UserController
*
* @description :: Server-side logic for managing users
* @help :: See http://sailsjs.org/#!/documentation/concepts/Controllers
*/
module.exports = {
'new': function(req,res){
res.view();
},
create: function(req,res,next){
// Create a User with the params sent from
// the signup form --> new.ejs
User.create( req.params.all(), function userCreated (err, user){
// If there is an error
if(err) return next(err);
// After successfully creating the user
// redirect to the show action
res.json(user);
});
}
};
csrf включен
/****************************************************************************
* *
* Enabled CSRF protection for your site? *
* *
****************************************************************************/
module.exports.csrf = true;
/****************************************************************************
* *
* You may also specify more fine-grained settings for CSRF, including the *
* domains which are allowed to request the CSRF token via AJAX. These *
* settings override the general CORS settings in your config/cors.js file. *
* *
****************************************************************************/
module.exports.csrf = {
grantTokenViaAjax: true,
origin: ''
}
Как правильно настроить csrf?
Заранее спасибо!