ef9cfd6cdf
- Introduce Party model with lifecycle states (draft, published, canceled, sold_out) - Add RESTful API endpoints under /api/v1/parties for CRUD operations - Create ApiController base with API key authentication - Implement comprehensive code comments across models and controllers - Add database migration for parties table with proper indexes - Configure API routes with namespaced versioning
17 lines
671 B
Ruby
17 lines
671 B
Ruby
# Base controller for the application
|
|
# Provides common functionality and security configurations for all controllers
|
|
class ApplicationController < ActionController::Base
|
|
# Protect against Cross-Site Request Forgery (CSRF) attacks
|
|
# Ensures that all non-GET requests include a valid authenticity token
|
|
protect_from_forgery with: :exception
|
|
|
|
# Restrict access to modern browsers only
|
|
# Requires browsers to support modern web standards:
|
|
# - WebP images for better compression
|
|
# - Web Push notifications
|
|
# - Badge API for notifications
|
|
# - Import maps for JavaScript modules
|
|
# - CSS nesting and :has() pseudo-class
|
|
allow_browser versions: :modern
|
|
end
|