work with current supplier backend

app/controllers/application_controller.rb

@@ -15,6 +15,15 @@ class ApplicationController < ActionController::Base
 
 private
 
+  def authenticate_employee!
+    if auth_token = params[:auth_token].presence
+      raise CanCan::AccessDenied unless employee = Employee.find_by_authentication_token(auth_token)
+      sign_in employee
+    else
+      super
+    end
+  end
+
   def allow_all_origins
     headers['Access-Control-Allow-Origin']   = '*'
     headers['Access-Control-Request-Method'] = '*'

app/controllers/suppliers/application_controller.rb

@@ -25,7 +25,8 @@ module Suppliers
       supplier = current_supplier || employee.suppliers.first
       render json: {
         employee: JSONAPI::Serializer.serialize(employee, serializer: Suppliers::EmployeeSerializer),
-        supplier: JSONAPI::Serializer.serialize(supplier, serializer: Suppliers::SupplierSerializer)
+        supplier: JSONAPI::Serializer.serialize(supplier, serializer: Suppliers::SupplierSerializer),
+        auth_token: employee.authentication_token,
       }
     end