As the csrf is enabled on config/security.js, the login.ejs and register.ejs must include the csrf token otherwise the post form submit will produce 403 Forbidden page.
i.e. on login.ejs and register.ejs
<input type="hidden" name="_csrf" value="<%= _csrf %>" />
BS. I am using sails 1.0.2 - 1.0.3-2. on Mac
The issue can be re-produced using the new 'sails new sails_demo' instead of cloning your source.
Regards
As the csrf is enabled on config/security.js, the login.ejs and register.ejs must include the csrf token otherwise the post form submit will produce 403 Forbidden page.
i.e. on login.ejs and register.ejs
<input type="hidden" name="_csrf" value="<%= _csrf %>" />BS. I am using sails 1.0.2 - 1.0.3-2. on Mac
The issue can be re-produced using the new 'sails new sails_demo' instead of cloning your source.
Regards