ActionController::InvalidAuthenticityToken in ActiveAdmin::Devise::SessionsController#create

Question

I'm using Ruby on Rails 5 Api app with modification to enable Active Admin. Everything was fine until now. I don't remember doing any changes in the app, but now, if I delete cookies and etc on the browser, I can't login to the active admin app and this error is what I get:

I tried to add in application controller both

protect_from_forgery :with => :exception

and

protect_from_forgery :with => :null_session

but none have worked. This is my application controller:

class ApplicationController < ActionController::Base
  # protect_from_forgery :with => :exception
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected
  def configure_permitted_parameters
    attributes = [:name]
    devise_parameter_sanitizer.permit(:sign_up, keys: attributes)
  end
end

I don't know what causing it and how to solve it. Thanks beforehand.

Answer 1

Now it's working. After I restart my computer and added the line:

protect_from_forgery prepend: true, with: :exception

instead in the application controller, it worked.

Answer 2

In my context, I have a custom admin page and to solve I put a authenticity_token hidden field. Like below:

form method: :post, action: admin_templates_save_template_path do |f|
   f.label "label", for: :base_proposal_url
   f.input id: :base_proposal_url, name: :base_proposal_url

   ### field to handle authenticity token
   f.input type: :hidden, name: :authenticity_token

   f.button "Save", type: :submit
end