Added handler to, on an invalid CSRF token, redirect back and flash a friendly message

Author: Benjamin-Couey

app/controllers/application_controller.rb

@@ -14,6 +14,11 @@ class ApplicationController < ActionController::Base
 
   rescue_from ActiveRecord::RecordNotFound, with: :not_found!
 
+  rescue_from ActionController::InvalidAuthenticityToken do
+    flash[:error] = 'Your session expired. This could be due to leaving a page open for a long time, or having multiple tabs open. Try resubmitting.'
+    redirect_back fallback_location: root_path
+  end
+
   def current_organization
     return @current_organization if @current_organization
     return nil unless current_role