From f45fad71dd19f349a15eaa835e14bf3dc1aa22fe Mon Sep 17 00:00:00 2001
From: Sebastian Serth <Sebastian.Serth@hpi.de>
Date: Thu, 27 Oct 2022 16:14:18 +0200
Subject: [PATCH] Add early return support for authentication

---
 app/controllers/application_controller.rb | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d32a256a..fc12d602 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -23,7 +23,7 @@ class ApplicationController < ActionController::Base
 
   def find_or_login_current_user
     login_from_authentication_token ||
-      ExternalUser.find_by(id: session[:external_user_id]) ||
+      login_from_lti_session ||
       login_from_session ||
       login_from_other_sources ||
       nil
@@ -44,7 +44,15 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def login_from_lti_session
+    return unless session[:external_user_id]
+
+    ExternalUser.find_by(id: session[:external_user_id])
+  end
+
   def login_from_authentication_token
+    return unless params[:token]
+
     token = AuthenticationToken.find_by(shared_secret: params[:token])
     return unless token