Files
fizzy/saas/app/controllers/admin/audits_controller.rb
T
Mike Dalessio 89d2f2d0fc saas: Add bearer token authentication for audit console
- Rename SaasAdminController to Admin::AuditController
- Override require_authentication to support bearer tokens alongside
  session auth, allowing API access to audit console
- Add migration for audits1984_auditor_tokens table
- Add controller tests for authentication scenarios including staff
  validation on token-based access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-28 14:13:54 -05:00

18 lines
426 B
Ruby

class Admin::AuditsController < ::AdminController
private
# Extend Fizzy's authentication to support auditor bearer tokens.
def require_authentication
authenticate_by_audit_bearer_token || super
end
def authenticate_by_audit_bearer_token
if auditor = auditor_from_bearer_token
Current.identity = auditor
end
end
def find_current_auditor
Current.identity
end
end