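# Base controller for the v1 JSON API: CSRF handling for JSON requests,
# JSON error rendering, and access-token authentication.
class Api::V1::ApiController < ApplicationController
  # For JSON requests a failed CSRF check yields an empty session instead of
  # raising. Other formats keep whatever ApplicationController configures.
  protect_from_forgery with: :null_session, if: Proc.new { |c| c.request.format == 'application/json' }

  # Catch-all for unexpected errors: notify, then answer with a generic body so
  # no exception detail reaches the client. Rescues StandardError rather than
  # Exception so SignalException/SystemExit/NoMemoryError are not swallowed.
  # The HTTP status is now 500 to match the body (it was previously 200).
  # rescue_from handlers are searched last-declared-first, so the more specific
  # CanCan::AccessDenied handler below still takes precedence over this one.
  rescue_from StandardError do |e|
    ExceptionNotifier.notify_exception(e)
    render :json => {status: 500, error: "oops! something went wrong"}, status: :internal_server_error
  end

  # Authorization failures raised by CanCan are reported as 403 Forbidden.
  rescue_from CanCan::AccessDenied do |exception|
    respond_to do |format|
      format.json { render json: { error: "Requested resource is locked. You cannot do this operation." }, status: :forbidden }
    end
  end

  # Authenticates the caller from the X-AUTH-TOKEN header, falling back to the
  # access_token request parameter when the header is absent. Sets @user and
  # @current_user on success; otherwise renders a 401 JSON response.
  # Presumably used as a before_action by subclasses - confirm against callers.
  def user_authentication_for_api
    header_token = request.headers["X-AUTH-TOKEN"]
    access_token = header_token.nil? ? params["access_token"] : header_token

    # Only a non-blank String may reach the query. A nil token would become
    # `WHERE access_token IS NULL` and authenticate the request as the first
    # user without a token; an Array/Hash parameter would change the query shape.
    usable_token = access_token.is_a?(String) && access_token.present?

    # NOTE(review): a token sent as a query parameter can end up in request
    # logs unless it is filtered; the header form is preferable.
    @user = usable_token ? User.where(:access_token => access_token).first : nil
    @current_user = @user

    unless @user.present?
      render json: { msg: "Access denied! Please check user access token", error_code: 401 }, status: 401
    end
  end
  respond_to :json
end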
