Better documentation for `EnsureAuthenticatedLinks`?

[netwire88]

Overview/summary

Hi,
The current documentation for EnsureAuthenticatedLinks is really sparse. It simply says "Designed to be more of a lightweight session concern specifically for XHR requests. Where EnsureHasSession does far more than just session management, this concern will redirect to the splash page of the app if no active session was found."

Can you please elaborate on it to add instructions on how to use it? For example:

1. I assume EnsureAuthenticatedLinks goes in AuthenticatedController, but is it required to come after include ShopifyApp::EnsureHasSession or is it not even needed if EnsureHasSession is included? For example, we noticed that having EnsureAuthenticatedLinks come before EnsureHasSession causes AbstractController::DoubleRenderError.
2. Is EnsureAuthenticatedLinks required for Turbo / TurboLinks if we already get the token via app-bridge.js -> shopify.idToken(); and pass it via XHR requests?
3. Does config.embedded_redirect_url in shopify_app.rb need to be set as well? If so, what should it be set to? Is it supposed to be set to root_path or path that gets the token via app-bridge.js -> shopify.idToken(); (i.e. SplashPageController)?