ruby-on-rails - CSRF トークンの真正性を検証できません

Question

Mollie API をインストールしようとしていますが、Webhook が機能しません。Ruby on Rails 4 で作業しています。Can't verify CSRF token autenticityと言い続けます。stackoverflow からいくつかの回答を試しましたが、うまくいきません。例えば

• skip_before_filter :verify_authenticity_token
• protect_from_forgery except: [:notify]
• protect_from_forgery with: :null_session, if: -> {request.format.json?}

私の通知コントローラーは次のようになります。

class ReservationsController < ApplicationController
    before_action :authenticate_user!, except: [:notify]

    skip_before_filter :verify_authenticity_token

    def preload
        training = Training.find(params[:training_id])
        today = Date.today
        reservations = training.reservations.where("date >= ?", today)

        render json: reservations
    end

    def create



        @thrill = Thrill.find(params[:thrill_id])
        if @thrill.reservations.length < @thrill.training.tr_max_attendants
            @reservation = current_user.reservations.create(reservation_params)

            if @reservation

                require 'Mollie/API/Client'

                mollie = Mollie::API::Client.new('test_gUejkz43UkdeCauC22J6UNqqVRdpwW')

                payment = mollie.payments.create(
                    amount: 10.00,
                    description: 'My first API payment',
                    redirect_Url: 'http://d7459af1.ngrok.io/your_trips',
                    webhookUrl: 'http://d7459af1.ngrok.io/notify',
                    metadata: {
                        reservationid: @reservation.id
                    }
                )



                @reservation.update_attributes payid:payment.id

                redirect_to payment.payment_url


            else
                redirect_to @thrill.training, notice: "Helaas, de training is vol"
            end
        end
    end

    protect_from_forgery except: [:notify]
#   protect_from_forgery with: :null_session, if: -> {request.format.json?}

    def notify

        require 'Mollie/API/Client'

        mollie = Mollie::API::Client.new('test_gUejkz43UkdeCauC22J6UNqqVRdpwW')

        payment = mollie.payments.get(payment.id)

        params.permit!
        status = params[:payment_status]

        if payment.paid?

          reservation = Reservation.find(params[:payid])
          reservation.update_attributes status:true
        else
            reservation.destroy
        end

        render nothing: true

    end

    protect_from_forgery except: [:your_trips]
    def your_trips
        @reservations = current_user.reservations.joins(:thrill).order('thrills.thrilldate asc').where('? <= thrills.thrilldate', Date.today)
    end

    def your_reservations
        @trainings = current_user.trainings
    end

    private
        def reservation_params

            params.permit(:thrill_id, :user_id)
        end


    end

誰かがヒントやヒントを持っていれば、それは大歓迎です! ありがとう！