# File lib/action_controller/metal/request_forgery_protection.rb, line 110 def form_authenticity_token session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32) end