89d2f2d0fc
- Rename SaasAdminController to Admin::AuditController - Override require_authentication to support bearer tokens alongside session auth, allowing API access to audit console - Add migration for audits1984_auditor_tokens table - Add controller tests for authentication scenarios including staff validation on token-based access Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
18 lines
426 B
Ruby
18 lines
426 B
Ruby
class Admin::AuditsController < ::AdminController
|
|
private
|
|
# Extend Fizzy's authentication to support auditor bearer tokens.
|
|
def require_authentication
|
|
authenticate_by_audit_bearer_token || super
|
|
end
|
|
|
|
def authenticate_by_audit_bearer_token
|
|
if auditor = auditor_from_bearer_token
|
|
Current.identity = auditor
|
|
end
|
|
end
|
|
|
|
def find_current_auditor
|
|
Current.identity
|
|
end
|
|
end
|