Add bearer authorization to ActionCable

It can be used for API access when
session is not available

app/channels/application_cable/connection.rb

@@ -3,13 +3,14 @@
 module ApplicationCable
   class Connection < ActionCable::Connection::Base
     include Logging
+    include Gitlab::Auth::AuthFinders
 
     identified_by :current_user
 
     public :request
 
     def connect
-      self.current_user = find_user_from_session_store
+      self.current_user = find_user_from_bearer_token || find_user_from_session_store
     end
 
     private

spec/channels/application_cable/connection_spec.rb

@@ -43,6 +43,16 @@
     end
   end
 
+  context 'when bearer header is provided' do
+    let(:user_pat) { create(:personal_access_token) }
+
+    it 'finds user by PAT' do
+      connect(ActionCable.server.config.mount_path, headers: { Authorization: "Bearer #{user_pat.token}" })
+
+      expect(connection.current_user).to eq(user_pat.user)
+    end
+  end
+
   context 'when session cookie is not set' do
     it 'sets current_user to nil' do
       connect