Use common error for unauthenticated users

Removes special error message when creating new issues

app/controllers/projects/issues_controller.rb

@@ -19,7 +19,7 @@ class Projects::IssuesController < Projects::ApplicationController
 
   prepend_before_action(only: [:index]) { authenticate_sessionless_user!(:rss) }
   prepend_before_action(only: [:calendar]) { authenticate_sessionless_user!(:ics) }
-  prepend_before_action :authenticate_new_issue!, only: [:new]
+  prepend_before_action :authenticate_user!, only: [:new]
   prepend_before_action :store_uri, only: [:new, :show]
 
   before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update]
@@ -247,14 +247,6 @@ class Projects::IssuesController < Projects::ApplicationController
     ] + [{ label_ids: [], assignee_ids: [] }]
   end
 
-  def authenticate_new_issue!
-    return if current_user
-
-    notice = "Please sign in to create the new issue."
-
-    redirect_to new_user_session_path, notice: notice
-  end
-
   def store_uri
     if request.get? && !request.xhr?
       store_location_for :user, request.fullpath

changelogs/unreleased/security-fix-new-issues-login-message.yml

+---
+title: Use common error for unauthenticated users when creating issues
+merge_request:
+author:
+type: security

spec/controllers/projects/issues_controller_spec.rb

@@ -131,7 +131,7 @@ describe Projects::IssuesController do
     it 'redirects to signin if not logged in' do
       get :new, params: { namespace_id: project.namespace, project_id: project }
 
-      expect(flash[:notice]).to eq 'Please sign in to create the new issue.'
+      expect(flash[:alert]).to eq 'You need to sign in or sign up before continuing.'
       expect(response).to redirect_to(new_user_session_path)
     end