How to turn off rails protect_from_forgery filter only for json

Question

I have web site built with Rails3 and now I want to implement json API for mobile client access. However, sending json post request from the client because of the protect_fr

Answer 1

You can just skip the authenticity token check if its a json request

class ApplicationController < ActionController::Base
  skip_before_filter :verify_authenticity_token, if: :json_request?

  def json_request?
    request.format.json?
  end
end