I have a simple login controller in which I use new/create to do the
login. For create, I have
def create # do login
session[:user_id] = nil
user = User.authenticate(u[:name], u[:password])
session[:user_id] = user.id
flash[:info]= 'Login Successful'
redirect_to(:action => "index", :controller=>'main' )
flash[:notice] = "Login Failure"
When I get a login failure, the redirect correctly takes me to the
login screen (new), but when I submit the form I get
There is another thread
that suggested <%= token_tag %>.
I tried that it my form, but no joy. Can't really find much in the
way of docs, couldn't even find token_tag. I know there is mention
of a bug fix which is coming, does anyone know if that is going to
solve this one, or is there some way of working round it other than
disabling protect from forgery