Open Swampy469 opened 1 year ago
/bounty $50
/attempt #2363, can i get assigned?
I was able to reproduce the bug after a couple of hours setting up a fake environment.
I'm still working on it though, will have a solution by eod tomorrow. Def an issue with middleware but i still havent been able to pin point it.
took a bit longer than I thought cause i didnt have much free time this week
Describe the bug I am using a custom class that implements "AuthenticationStrategy" interface for a custom authentication flow. After the first access (when there is no ChannelToken saved in the browser) each initial APIs call return 403 error code. I find out that, even if the ChannelToken is saved (after the login), the initial (first 5 requests) APIs header requests doesn't contains "Vendure-Token". After reloading the page (CTRL + R / F5) all is fine, each request contains the Vendure-Token as header.
The first 5 requests after loading doen't contains the "Vendure-Token" inside the headers
To Reproduce Steps to reproduce the behavior:
Expected behavior You must be authorized immediatly after the first login with an external authentication strategy.
Environment (please complete the following information):
Additional context Installed plugins: