My Rails 3.2 has a controller called LaunchController that provides api for other web applications so that they can embed the quizzes generated and entered into my application.
When an external application is sent to LaunchController, LaunchController#createauthenticates with OAuth, caches an object @toolthat knows about the external application, saves the cache key in the session, session[:launch_tool_cache_key]and redirects to another controller, AttemptsController#newwhich makes the quiz. When the user submits his responses, TryemptsControllert # create evaluates his quiz and uses @tool to send the score back to the external application.
Everything works fine in 3.2.
Last week, I (finally!) Upgraded my application to Rails 4.2. I sorted out the rest of the migration and the application is now in development. Except for this process.
The problem is the save session[:launch_tool_cache_key], which contains the key that I use to retrieve the serialized @toolfrom the cache, so I can send the class back to the external application. My logs show that the cache key is stored in LaunchController, but after being redirected to AttemptsController#newthe session key, it disappeared.
Things I tried:
- a comment
protect_from_forgery - adding
skip_before_filter :verify_authenticity_token
source
share