From add2f9053fc6e3d6f8aab0877a072f61d16e9f56 Mon Sep 17 00:00:00 2001
From: Christian Sutter <git@doublesignal.com>
Date: Thu, 23 Jan 2025 12:17:00 +0000
Subject: [PATCH] Move authentication into a controller concern

---
 app/controllers/application_controller.rb  |  3 +--
 app/controllers/concerns/authentication.rb | 10 ++++++++++
 2 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 app/controllers/concerns/authentication.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 6e242b26..2772d0d3 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,6 +3,5 @@ class ApplicationController < ActionController::Base
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
 
-  include GDS::SSO::ControllerMethods
-  before_action :authenticate_user!
+  include Authentication
 end
diff --git a/app/controllers/concerns/authentication.rb b/app/controllers/concerns/authentication.rb
new file mode 100644
index 00000000..584ce457
--- /dev/null
+++ b/app/controllers/concerns/authentication.rb
@@ -0,0 +1,10 @@
+# Requires a user to be logged in through GDS SSO for any action.
+module Authentication
+  extend ActiveSupport::Concern
+
+  included do
+    include GDS::SSO::ControllerMethods
+
+    before_action :authenticate_user!
+  end
+end