Change skip_authenticity_token by :null_session

app/controllers/application_controller.rb

@@ -1,7 +1,7 @@
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
-  protect_from_forgery with: :exception
+  protect_from_forgery with: :null_session
 
   rescue_from CanCan::AccessDenied do |exception|
     redirect_to root_url, alert: exception.message

app/controllers/transactions_controller.rb

@@ -1,5 +1,4 @@
 class TransactionsController < ApplicationController
-
   def index
     @transactions = Transaction.all
   end