I just upgraded to rails 2.0.2 and I'm having a problem when I switch
from cookie based sessions to ActiveRecord based sessions.
Apparently my login form which worked under rails 1.2.6 no longer includes the proper authentication token necessary for protect_from_forgery.
There are a number of people who appear to have this problem and I've seen suggestions indicating I need to include <%= token_tag %>. But token_tag is a private method and as far as I can tell, is being called. So how do I get the form_tag to work properly under rails 2.0.2?
This is what I currently have:
<p> Please enter your username and password to access the site.</p>
<% form_tag :action => 'login' do -%>
<%= text_field 'login', 'name' %></p>
<%= password_field 'login', 'password' %></p>
<%= submit_tag "Login" %>
<% end -%>