From e2bfdef9671c2e2888940e55872e839cacd17baa Mon Sep 17 00:00:00 2001
From: Ahmad Farhat <ahmad.af.farhat@gmail.com>
Date: Wed, 26 Aug 2020 10:20:50 -0400
Subject: [PATCH] More work to fix CSRF issue on join (#2043)

---
 app/controllers/rooms_controller.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/controllers/rooms_controller.rb b/app/controllers/rooms_controller.rb
index a67ce136..be09e6ee 100644
--- a/app/controllers/rooms_controller.rb
+++ b/app/controllers/rooms_controller.rb
@@ -33,6 +33,7 @@ class RoomsController < ApplicationController
                 unless: -> { !Rails.configuration.enable_email_verification }
   before_action :verify_room_owner_valid, only: [:show, :join]
   before_action :verify_user_not_admin, only: [:show]
+  skip_before_action :verify_authenticity_token, only: [:join]
 
   # POST /
   def create