1class ApplicationController < ActionController::Base
2  # Prevent CSRF attacks by raising an exception.
3  # For APIs, you may want to use :null_session instead.
4  protect_from_forgery with: :exception
5end