joost/api_controller.rb

## api_controller.rb
class ApiController < ApplicationController

  # FIXME: Since we cannot set ActionController::Parameters.action_on_unpermitted_parameters = :raise
  # on a controller level we do this hotfix.
  class ApiParameters < ActionController::Parameters
    def action_on_unpermitted_parameters
      :raise
    end
  end
  def params
    @_params ||= ApiParameters.new(request.params)
  end

# Handling of invalid parameters

  rescue_from(ActionController::ParameterMissing) do |exception|
    render json: { message: exception.message, params: [exception.param] }, status: :bad_request
  end
  rescue_from(ActionController::UnpermittedParameters) do |exception|
    render json: { message: exception.message, params: exception.params }, status: :bad_request # { unknown_parameters: exception.params }
  end

  skip_before_action :verify_authenticity_token

end
	class ApiController < ApplicationController

	# FIXME: Since we cannot set ActionController::Parameters.action_on_unpermitted_parameters = :raise
	# on a controller level we do this hotfix.
	class ApiParameters < ActionController::Parameters
	def action_on_unpermitted_parameters
	:raise
	end
	end
	def params
	@_params \|\|= ApiParameters.new(request.params)
	end

	# Handling of invalid parameters

	rescue_from(ActionController::ParameterMissing) do \|exception\|
	render json: { message: exception.message, params: [exception.param] }, status: :bad_request
	end
	rescue_from(ActionController::UnpermittedParameters) do \|exception\|
	render json: { message: exception.message, params: exception.params }, status: :bad_request # { unknown_parameters: exception.params }
	end

	skip_before_action :verify_authenticity_token

	end