My first solution was not using token generated in before.sh.
If you change before and submit files make sure the variable names are correct.
In the view.html I use ‘value="<%= csrftoken %>"/>’ but in the before.sh example (RStudio when launched without Singularity is having strange troubles with authentication - #42 by jeff.ohrstrom) is using ‘<%= csrf_token %>’
If you share all the parts you added we can check if there’s any issue.