Frontend authentication working.

app/controllers/application_controller.rb

@@ -3,8 +3,21 @@ class ApplicationController < ActionController::Base
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
   	
+  after_filter :set_csrf_cookie_for_ng
+  
+  def set_csrf_cookie_for_ng
+    cookies['XSRF-TOKEN'] = form_authenticity_token if protect_against_forgery?
+  end
+  
   rescue_from CanCan::AccessDenied do |exception|
     # flash[:error] = "Access denied!"
     redirect_to '/static_pages/not_allowed'
   end
+  
+  protected
+
+  # In Rails 4.2 and above
+  def verified_request?
+    super || valid_authenticity_token?(session, request.headers['X-XSRF-TOKEN'])
+  end
 end