Allow profiler to authenticate by stubbing users directly
Previously, we used a personal access token. This had a couple of problems:
- If the user didn't have a PAT, we couldn't impersonate them.
- It depended on reading the raw PAT from the database.
Instead, we can monkey-patch the authentication methods on ApplicationController (overriding the Devise ones), and remove them once we're done. This does mean that profiles will not profile auth correctly, so for that, use a PAT directly.
Closes #54327 (closed).
Edited by Sean McGivern