[Misc] Show a better error message when not authorized

This previously just showed that an unexpected error occured which
isn't very helpful.

See #509

app/controllers/application_controller.rb

@@ -66,7 +66,7 @@ class ApplicationController < ActionController::Base
       cookies.delete :remember
       render_expected_error(401, exception.message)
     when ActionController::InvalidAuthenticityToken
-      render_error_page(403, exception)
+      render_expected_error(403, "ActionController::InvalidAuthenticityToken. Did you properly authorize your request?")
     when ActiveRecord::RecordNotFound
       render_404
     when ActionController::RoutingError

test/functional/application_controller_test.rb

@@ -112,7 +112,7 @@ class ApplicationControllerTest < ActionDispatch::IntegrationTest
           # try to submit a form with cookies but without the csrf token
           put user_path(@user), headers: { HTTP_COOKIE: headers["Set-Cookie"] }, params: { user: { enable_safe_mode: "true" } }
           assert_response 403
-          assert_equal("An unexpected error occurred.", css_select("p").first.content)
+          assert_match(/ActionController::InvalidAuthenticityToken/, css_select("p").first.content)
           assert_equal(false, @user.reload.enable_safe_mode)
         end
       end