Previously, we used a personal access token. This had a couple of
problems:
1. If the user didn't have a PAT, we couldn't impersonate them.
2. It depended on reading the raw PAT from the database.
Instead, we can monkey-patch the authentication methods on
ApplicationController (overriding the Devise ones), and remove them once
we're done. This does mean that profiles will not profile auth
correctly, so for that, use a PAT directly.
Gitlab::Profiler.profile takes a URL to profile, and returns the ruby-prof
profile result.
This is currently only for interactive use (in a console) or from the script
runner. Note that when using this interactively, changes to the application
within that console session will be used, so this can be used to test proposed
performance changes.
