Redirect unauthorised attempts to submit forms to 422

mena-devs · Nov 1, 2020 · 2560126 · 2560126
1 parent ddbd6cc
commit 2560126
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,6 +1,8 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
 
+  rescue_from ActionController::InvalidAuthenticityToken, with: :render_422
+
   # API access
   before_action :authenticate_with_token!, if: :api_request
 
@@ -51,6 +53,15 @@ def pagination_content(name, current_page, total_pages)
     return pagination
   end
 
+  # Handle errors
+  def handle_unverified_request
+    raise(ActionController::InvalidAuthenticityToken)
+  end
+
+  def render_422
+    redirect_to '/422'
+  end
+
   def not_found
     raise ActionController::RoutingError.new('Not Found')
   rescue