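# Base controller that confines CSRF tokens and CSRF verification to signed-in
# users. Lacquer::CacheUtils is mixed in for set_cache_ttl; presumably the goal
# is to keep anonymous pages free of per-session data so they can be cached.
class ApplicationController < ActionController::Base
  include Lacquer::CacheUtils

  # The conditions are passed as symbols so that signed_in? is evaluated on the
  # controller instance for every request. Writing `if: signed_in?` calls the
  # method once, in the class body at load time, against the class itself, so
  # the decision would not follow the state of the current request.
  protect_from_forgery if: :signed_in?
  skip_before_filter :verify_authenticity_token, unless: :signed_in?

  # NOTE(review): with the two declarations above, requests from visitors who
  # are not signed in are never checked for an authenticity token. Any
  # state-changing action reachable without signing in (e.g. a sign-in or
  # sign-up form, if this application has one) therefore has no CSRF
  # protection. Confirm that is acceptable or protect those actions separately.

  # Calls set_cache_ttl(0) for signed-in and XHR requests, presumably so that
  # per-user and AJAX responses are not served from the cache.
  before_filter do |controller|
    controller.set_cache_ttl(0) if signed_in? || request.xhr?
  end

  protected

  # Returns the CSRF token stored in the session for a signed-in user,
  # generating and storing a new random one on first use.
  #
  # @return [String, nil] the token, or nil when nobody is signed in; in that
  #   case the session is not touched
  def form_authenticity_token
    return unless signed_in?

    session[:_csrf_token] ||= SecureRandom.base64(32)
  end
end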