The thread contains a suggested solution: use authenticated do … blocks in routes.rb instead of before_action :authenticate_user! in controllers.
The thread contains a suggested solution: use authenticated do … blocks in routes.rb instead of before_action :authenticate_user! in controllers.
It’s probably a good idea to do this anyway to avoid divulging the existence of routes that unauthenticated users don’t need to know exist. (They will get a 404 instead of a 401.)