diff --git a/admin/app/components/solidus_admin/sidebar/account_nav/component.html.erb b/admin/app/components/solidus_admin/sidebar/account_nav/component.html.erb index 0082c3ee4a4..fd4a4d3f359 100644 --- a/admin/app/components/solidus_admin/sidebar/account_nav/component.html.erb +++ b/admin/app/components/solidus_admin/sidebar/account_nav/component.html.erb @@ -58,7 +58,7 @@ <% end %>
  • - <%= link_to @logout_path, method: @logout_method, class: 'flex gap-2 items-center px-2' do %> + <%= button_to @logout_path, method: @logout_method, class: 'flex gap-2 items-center px-2' do %> <%= icon_tag("logout-box-line", class: "w-5 h-5 fill-current shrink") %> <%= t('.logout') %> <% end %> diff --git a/admin/app/controllers/solidus_admin/accounts_controller.rb b/admin/app/controllers/solidus_admin/accounts_controller.rb index cd3ddaa884f..b43f84c08b2 100644 --- a/admin/app/controllers/solidus_admin/accounts_controller.rb +++ b/admin/app/controllers/solidus_admin/accounts_controller.rb @@ -2,6 +2,8 @@ module SolidusAdmin class AccountsController < SolidusAdmin::BaseController + skip_before_action :authorize_solidus_admin_user! + def show redirect_to spree.edit_admin_user_path(current_solidus_admin_user) end diff --git a/admin/app/controllers/solidus_admin/auth_adapters/backend.rb b/admin/app/controllers/solidus_admin/auth_adapters/backend.rb deleted file mode 100644 index 6469570cc53..00000000000 --- a/admin/app/controllers/solidus_admin/auth_adapters/backend.rb +++ /dev/null 
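Review bot: Nothing in the template records why the logout control became a `button_to`, and the reason is security-relevant: `link_to ... method:` depends on the JavaScript driver to turn an anchor into a DELETE request and degrades to a plain GET without it, whereas `button_to` renders a real form that carries the `_method` override and the CSRF token. A one-line ERB comment above the call would stop a later cleanup from reverting it for layout reasons, e.g. `<%# button_to, not link_to: logout must be a token-protected non-GET request even without JS %>`. Also note that `class:` on `button_to` styles the generated `<button>`, not the wrapping form, so the flex classes have moved from the anchor to the button; presumably intended, but worth checking in the rendered sidebar.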
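Review bot: `skip_before_action :authorize_solidus_admin_user!` drops the only authorization check on this controller with no comment, so a reader cannot tell a deliberate exemption from an accidental hole. The motivation seems to be that the new `authorization_subject` would try to constantize `Spree::Account` and raise `NotImplementedError`, while `show` only redirects to the signed-in user's own edit page. Because the skip also removes the `authorize! :admin` check, any authenticated store user — not only admins — can now reach this action; that is acceptable only if the backend edit page it redirects to enforces its own authorization, which this change does not show. Please say so in a comment, e.g. `# No Spree::Account model to authorize against; authentication still runs, and the target page does its own authorization.`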
@@ -1,37 +0,0 @@
-# frozen_string_literal: true
-
-module SolidusAdmin::AuthAdapters::Backend
- extend ActiveSupport::Concern
-
- included do
- delegate :admin_logout_path, to: :spree
- helper_method :admin_logout_path
- end
-
- private
-
- def authenticate_solidus_backend_user!
- if respond_to?(:model_class, true) && model_class
- record = model_class
- else
- record = controller_name.to_sym
- end
- authorize! :admin, record
- authorize! action_name.to_sym, record
- rescue CanCan::AccessDenied
- instance_exec(&Spree::Admin::BaseController.unauthorized_redirect)
- end
-
- # Needs to be overriden so that we use Spree's Ability rather than anyone else's.
- def current_ability
- @current_ability ||= Spree::Ability.new(spree_current_user)
- end
-
- def store_location
- Spree::UserLastUrlStorer.new(self).store_location
- end
-
- def spree_current_user
- defined?(super) ? super : nil
- end
-end
diff --git a/admin/app/controllers/solidus_admin/authentication_adapters/backend.rb b/admin/app/controllers/solidus_admin/authentication_adapters/backend.rb
new file mode 100644
index 00000000000..02234657433
--- /dev/null
+++ b/admin/app/controllers/solidus_admin/authentication_adapters/backend.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module SolidusAdmin::AuthenticationAdapters::Backend
+ extend ActiveSupport::Concern
+
+ included do
+ delegate :admin_logout_path, to: :spree
+ helper_method :admin_logout_path
+ end
+
+ private
+
+ def authenticate_solidus_backend_user!
+ return if spree_current_user
+
+ instance_exec(&Spree::Admin::BaseController.unauthorized_redirect)
+ end
+
+ def store_location
+ Spree::UserLastUrlStorer.new(self).store_location
+ end
+
+ def spree_current_user
+ defined?(super) ? super : nil
+ end
+end
diff --git a/admin/app/controllers/solidus_admin/base_controller.rb b/admin/app/controllers/solidus_admin/base_controller.rb
index e59f7a2ed04..457bc8243be 100644
--- a/admin/app/controllers/solidus_admin/base_controller.rb
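Review bot: The new adapter has no module comment, and its contract has changed: the deleted `AuthAdapters::Backend` both authenticated and authorized (and overrode `current_ability` with `spree_current_user`), while this module only checks that `spree_current_user` is present and otherwise runs Spree's `unauthorized_redirect` proc; authorization now lives in the separate `Authorization` helper, which builds its ability from `current_solidus_admin_user`. A short header would keep the two from drifting, e.g. `# Authentication-only adapter for stores running Spree::Backend: it answers "is anyone signed in?" and delegates the redirect to Spree's handler. Authorization is handled by SolidusAdmin::ControllerHelpers::Authorization.` Note that `unauthorized_redirect` is being reused for the unauthenticated case, so its flash message may read as a permissions error rather than a login prompt; worth confirming against the Spree proc, which is not visible here.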
+++ b/admin/app/controllers/solidus_admin/base_controller.rb
@@ -8,10 +8,11 @@ class BaseController < ApplicationController
 include Spree::Core::ControllerHelpers::Store
 include GearedPagination::Controller
- include SolidusAdmin::ControllerHelpers::Auth
+ include SolidusAdmin::ControllerHelpers::Authentication
+ include SolidusAdmin::ControllerHelpers::Authorization
 include SolidusAdmin::ControllerHelpers::Locale
 include SolidusAdmin::ComponentsHelper
- include SolidusAdmin::AuthAdapters::Backend if defined?(Spree::Backend)
+ include SolidusAdmin::AuthenticationAdapters::Backend if defined?(Spree::Backend)
 layout 'solidus_admin/application'
 helper 'solidus_admin/components'
diff --git a/admin/app/controllers/solidus_admin/controller_helpers/auth.rb b/admin/app/controllers/solidus_admin/controller_helpers/authentication.rb
similarity index 93%
rename from admin/app/controllers/solidus_admin/controller_helpers/auth.rb
rename to admin/app/controllers/solidus_admin/controller_helpers/authentication.rb
index 60d251149d2..4afc7bfd0c6 100644
--- a/admin/app/controllers/solidus_admin/controller_helpers/auth.rb
+++ b/admin/app/controllers/solidus_admin/controller_helpers/authentication.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-module SolidusAdmin::ControllerHelpers::Auth
+module SolidusAdmin::ControllerHelpers::Authentication
 extend ActiveSupport::Concern
 included do
diff --git a/admin/app/controllers/solidus_admin/controller_helpers/authorization.rb b/admin/app/controllers/solidus_admin/controller_helpers/authorization.rb
new file mode 100644
index 00000000000..c0a1d970dce
--- /dev/null
+++ b/admin/app/controllers/solidus_admin/controller_helpers/authorization.rb
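Review bot: The order of the two new includes is load-bearing and nothing says so: the `Authorization` concern registers `before_action :authorize_solidus_admin_user!` in its `included` block, and that callback builds `Spree::Ability.new(current_solidus_admin_user)`, so the authentication callback (presumably registered the same way by the `Authentication` helper, whose body is not in this diff) must already have run. Swapping the two includes would silently authorize against a nil user. A comment would protect it, e.g. `# Authentication must be included before Authorization: before_action order follows include order, and authorization needs current_solidus_admin_user.`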
@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module SolidusAdmin::ControllerHelpers::Authorization
+ extend ActiveSupport::Concern
+
+ included do
+ before_action :authorize_solidus_admin_user!
+ end
+
+ private
+
+ def current_ability
+ @current_ability ||= Spree::Ability.new(current_solidus_admin_user)
+ end
+
+ def authorize_solidus_admin_user!
+ subject = authorization_subject
+
+ authorize! :admin, subject
+ authorize! action_name, subject
+ end
+
+ def authorization_subject
+ "Spree::#{controller_name.classify}".constantize
+ rescue NameError
+ raise NotImplementedError, "Couldn't infer the model class from the controller name, " \
+ "please implement `#{self.class}#authorization_subject`."
+ end
+end
diff --git a/admin/lib/solidus_admin/preview.rb b/admin/lib/solidus_admin/preview.rb
index 2b80cb9771d..8c22d089ede 100644
--- a/admin/lib/solidus_admin/preview.rb
+++ b/admin/lib/solidus_admin/preview.rb
@@ -27,7 +27,7 @@ module ControllerHelper
 extend ActiveSupport::Concern
 included do
- include SolidusAdmin::ControllerHelpers::Auth
+ include SolidusAdmin::ControllerHelpers::Authentication
 helper ActionView::Helpers
 helper SolidusAdmin::ComponentsHelper
 helper_method :current_component
diff --git a/admin/spec/components/solidus_admin/sidebar/account_nav/component_spec.rb b/admin/spec/components/solidus_admin/sidebar/account_nav/component_spec.rb
index 0b76d1fdc11..5a1cb4e5fe4 100644
--- a/admin/spec/components/solidus_admin/sidebar/account_nav/component_spec.rb
+++ b/admin/spec/components/solidus_admin/sidebar/account_nav/component_spec.rb
@@ -22,8 +22,10 @@ # Links are hidden within a
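Review bot: `authorize! action_name, subject` passes the action as a String, while the removed `AuthAdapters::Backend` (and Spree's own backend controller) passed `action_name.to_sym`. CanCan's rule matching compares against symbol actions, so as far as I can tell a String action matches only `:manage` rules; a role granted `can :read, Spree::Order` would be denied on `index` and `show` — it fails closed rather than open, but it breaks restricted roles. The fix is `authorize! action_name.to_sym, subject`. Separately, the old adapter rescued `CanCan::AccessDenied` and ran Spree's `unauthorized_redirect`; this module raises straight through, so unless the base controller or the `Authentication` helper rescues it (not visible here), a denied request now surfaces as an unhandled exception instead of a redirect.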
    element expect(page).to have_link("Account", href: "/admin/account", visible: :any) - expect(page).to have_link("Logout", href: "/admin/logout", visible: :any) - expect(page.find_link("Logout", visible: :any)["data-method"]).to eq("delete") + within('form[action="/admin/logout"]') do + expect(page).to have_button("Logout", visible: :any) + expect(page).to have_css('input[type="hidden"][name="_method"][value="delete"]') + end end end end
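Review bot: The new assertions check the `_method=delete` override but not that the form itself submits via POST, which is the property the switch away from `link_to` is meant to guarantee. Tightening the selector covers it: `within('form[action="/admin/logout"][method="post"]') do`. The `it` block and its enclosing `describe` start outside the hunk.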