|
|
|
@ -2,6 +2,8 @@
|
|
|
|
|
class ApplicationController < ActionController::Base |
|
|
|
|
before_action :set_paper_trail_whodunnit, :set_locale, :discard |
|
|
|
|
before_action :set_mailer_host, if: :devise_controller? |
|
|
|
|
before_action :configure_permitted_parameters, if: :devise_controller? |
|
|
|
|
|
|
|
|
|
# Prevent CSRF attacks by raising an exception. |
|
|
|
|
# For APIs, you may want to use :null_session instead. |
|
|
|
|
protect_from_forgery prepend: true, with: :exception |
|
|
|
@ -34,4 +36,9 @@ class ApplicationController < ActionController::Base
|
|
|
|
|
def handle_xhr_layout |
|
|
|
|
request.xhr? ? false : 'application' |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
def configure_permitted_parameters |
|
|
|
|
update_attrs = %i[password password_confirmation current_password] |
|
|
|
|
devise_parameter_sanitizer.permit :account_update, keys: update_attrs |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|