Add API controller to get the current user. Also create authenticate_user_with_json! so we can authenticate properly using JSON.

app/controllers/api/api_controller.rb

@@ -2,7 +2,9 @@
 
 # License: AGPL-3.0-or-later WITH WTO-AP-3.0-or-later
 # Full license explanation at https://github.com/houdiniproject/houdini/blob/master/LICENSE
-class Api::ApiController < ApplicationController
+class Api::ApiController < ActionController::Base
+    include Controllers::Locale
+    include Controllers::Nonprofit::Authorization
     rescue_from ActiveRecord::RecordInvalid, with: :record_invalid_rescue
     
     protected

app/controllers/api/users_controller.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+# License: AGPL-3.0-or-later WITH WTO-AP-3.0-or-later
+# Full license explanation at https://github.com/houdiniproject/houdini/blob/master/LICENSE
+class Api::UsersController < Api::ApiController
+	include Controllers::User::Authorization
+
+	before_action :authenticate_user_with_json!
+
+	def current
+		render locals: { user: current_user }
+	end
+end

app/controllers/concerns/controllers/user/authorization.rb

@@ -10,7 +10,11 @@ module Controllers::User::Authorization
 	included do
 		helper_method :current_role?, :administered_nonprofit
 
-		private
+		protected
+
+		def authenticate_user_with_json!
+			reject_with_sign_in({}, :json) unless current_user
+		end
 
 		def authenticate_user!(msg = nil, type = :html)
 			reject_with_sign_in(msg, type) unless current_user