# Copyright (C) 2024 Manuel Bustillo

# Base controller for the application.
#
# Every action requires an authenticated user, every response refreshes the
# 'csrf-token' cookie, and three common exceptions are turned into JSON error
# bodies of the form { message:, errors: [] }.
class ApplicationController < ActionController::Base
  before_action :authenticate_user!
  after_action :set_csrf_cookie

  # CSRF verification stays on unless development_swagger? is truthy; see that
  # predicate for exactly which requests are exempted.
  skip_before_action :verify_authenticity_token, if: :development_swagger?

  # Validation failure -> 422 with the record's full error messages.
  rescue_from ActiveRecord::RecordInvalid do |error|
    render(
      json: { message: 'Record invalid', errors: error.record.errors.full_messages },
      status: :unprocessable_entity
    )
  end

  # Required parameter absent -> 400.
  rescue_from ActionController::ParameterMissing do |error|
    render(
      json: { message: 'Parameter missing', errors: [error.message] },
      status: :bad_request
    )
  end

  # Lookup failure -> 404.
  # NOTE(review): the exception message is returned to the client verbatim;
  # ActiveRecord's not-found messages typically name the model and the key
  # that was looked up. Confirm that level of detail is acceptable to expose.
  rescue_from ActiveRecord::RecordNotFound do |error|
    render(
      json: { message: 'Record not found', errors: [error.message] },
      status: :not_found
    )
  end

  private

  # Decides whether CSRF verification is skipped for the current request.
  #
  # Truthy for every request in the test environment, and in the development
  # environment only when the Referer header contains the Swagger UI path.
  # The Referer header is supplied by the client, so this is a convenience
  # switch and not an access check; it must stay gated on the environment and
  # never be widened to production.
  #
  # @return [Boolean, nil] nil when running in development without a Referer
  def development_swagger?
    return true if Rails.env.test?

    Rails.env.development? &&
      request.headers['referer']&.include?('/api-docs/index.html')
  end

  # Publishes the current authenticity token in the 'csrf-token' cookie.
  #
  # The cookie is SameSite=Strict and marked Secure only in production. No
  # httponly option is passed here, so the attribute depends on the cookie
  # defaults -- presumably so a browser client can read the token and send it
  # back with state-changing requests; confirm against the frontend.
  def set_csrf_cookie
    cookie_options = {
      value: form_authenticity_token,
      secure: Rails.env.production?,
      same_site: :strict
    }
    cookies['csrf-token'] = cookie_options
  end
end