saas: Add bearer token authentication for audit console
- Rename SaasAdminController to Admin::AuditController - Override require_authentication to support bearer tokens alongside session auth, allowing API access to audit console - Add migration for audits1984_auditor_tokens table - Add controller tests for authentication scenarios including staff validation on token-based access Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,14 @@
|
||||
# This migration comes from audits1984 (originally 20260126000000)
|
||||
class CreateAuditorTokens < ActiveRecord::Migration[7.0]
|
||||
def change
|
||||
create_table :audits1984_auditor_tokens do |t|
|
||||
t.uuid :auditor_id, null: false, index: { unique: true }
|
||||
t.string :token_digest, null: false
|
||||
t.datetime :expires_at, null: false
|
||||
|
||||
t.timestamps
|
||||
|
||||
t.index :token_digest, unique: true
|
||||
end
|
||||
end
|
||||
end
|
||||
+11
-1
@@ -10,7 +10,7 @@
|
||||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema[8.2].define(version: 2025_12_16_000000) do
|
||||
ActiveRecord::Schema[8.2].define(version: 2026_01_26_230838) do
|
||||
create_table "account_billing_waivers", id: :uuid, charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
|
||||
t.uuid "account_id", null: false
|
||||
t.datetime "created_at", null: false
|
||||
@@ -43,6 +43,16 @@ ActiveRecord::Schema[8.2].define(version: 2025_12_16_000000) do
|
||||
t.index ["stripe_subscription_id"], name: "index_account_subscriptions_on_stripe_subscription_id", unique: true
|
||||
end
|
||||
|
||||
create_table "audits1984_auditor_tokens", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
|
||||
t.uuid "auditor_id", null: false
|
||||
t.datetime "created_at", null: false
|
||||
t.datetime "expires_at", null: false
|
||||
t.string "token_digest", null: false
|
||||
t.datetime "updated_at", null: false
|
||||
t.index ["auditor_id"], name: "index_audits1984_auditor_tokens_on_auditor_id", unique: true
|
||||
t.index ["token_digest"], name: "index_audits1984_auditor_tokens_on_token_digest", unique: true
|
||||
end
|
||||
|
||||
create_table "audits1984_audits", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
|
||||
t.uuid "auditor_id", null: false
|
||||
t.datetime "created_at", null: false
|
||||
|
||||
Reference in New Issue
Block a user