Rails Devise login using curl

Question

I'm trying to login to devise using curl as follows:

curl -v -b cookie.file -c cookie.file -H "Content-Type: application/json" -X POST -d '{"user" : {"email":"MYUSER" , "password":"MYPASSWORD" }}' <code>http://localhost:3000/users/sign_in.json<code>

The rails server logs shows:

WARNING: Can't verify CSRF token authenticity

Is it possible to get CSRF token authenticity and pass it to the sign_in request to login successfully using devise?

Answer 1

I would suggest you not to use curl and use mechanize instead because it handels this stuff automaticly when you call the login form first.

When you want to go on using curl you need to call the login page first and enable the cookiejar option to store the session for the next call. Then you could add the token so you can login. But this problem isnt specific to devise its a mecanism of Rails to not accept forms that were sent without the token.