Closed renanboni closed 2 weeks ago
I got that same issues! even if I use JWT token as Authorization Bearer "jwt_token" for creating a product or any kind of authorization things that's related to vendors. not working! it's saying {message:"Unauthorized"}
I now understand the use of the auth_identify table. However, when the create admin workflow is called:
await createVendorAdminWorkflow(req.scope)
.run({
input: {
admin: {
...admin,
vendor_id: vendor[0].id,
},
authIdentityId: req.auth_context.auth_identity_id,
},
})
auth_identity_id is null.
An error is thrown but still the vendor is added to the database (the vendor_admin is not)
Hey all, we currently have a bit unexpected behavior, where if an auth identity doesn't exist we try to create it, even if you go through the login page. We will be cleaning the UX around this very soon.
The auth APIs changed in #8683. See PR description.
Bug report
Describe the bug
Following the marketplace recipe (https://docs.medusajs.com/v2/resources/recipes/marketplace/examples/vendors) to the point where we have to authenticate the vendor (I don't get how we can authenticate it if it hasn't been created yet) using the following endpoint:
http://localhost:9000/auth/vendor/emailpass
It doesn't matter what email I pass in, as long as the password is "supersecret" then a jwtToken will be returned.
There are no users in the database that match that email.
System information
Medusa version: 2.0.4 - preview
Steps to reproduce the behavior
Make a POST request to the following endpoint http://localhost:9000/auth/vendor/emailpass and observe that it returns a jwtToken regardless of the email.
Screenshots
Additional context
I don't know if the recipe tutorial is up to date, if not that might be reason then.