Skip to content

Commit 86fe88c

Browse files
authored
fix(navbar): recognize authenticated users by using credentials include in fetch
Previously, the checkUserAuth function would bail out immediately when the provider_token cookie was not available on the docs subdomain. This meant users who were authenticated on cloud.layer5.io were not recognized on docs.layer5.io, particularly in browsers like Safari with strict cookie policies. The fix adds credentials: 'include' to the fetch request so the browser sends cloud.layer5.io's session cookies with the API call, and removes the early bailout when the local cookie is missing. Fixes #1112
1 parent 46ad836 commit 86fe88c

2 files changed

Lines changed: 39 additions & 31 deletions

File tree

layouts/partials/navbar.html

Lines changed: 24 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -295,23 +295,29 @@
295295

296296
const checkUserAuth = async () => {
297297
try {
298-
const token = getCookieValue("provider_token");
299-
if (!token || token === expiredToken) { // cookie doesn't exist or has expired (due to user logout)
300-
if (isUserAuthenticated) {
301-
showSignInButton();
302-
isUserAuthenticated = false;
303-
}
304-
throw new Error("missing or expired cookie");
305-
}
306-
const re = await fetch(`${cloudAppUrl}/api/identity/users/profile`, {
298+
const token = getCookieValue("provider_token");
299+
300+
if (token && token === expiredToken) {
301+
throw new Error("expired cookie");
302+
}
303+
304+
const fetchOptions = {
307305
method: 'GET',
308-
headers: {
306+
credentials: 'include',
307+
};
308+
309+
if (token) {
310+
fetchOptions.headers = {
309311
'Authorization': `Bearer ${token}`,
310-
},
311-
});
312+
};
313+
}
314+
315+
const re = await fetch(`${cloudAppUrl}/api/identity/users/profile`, fetchOptions);
312316

313-
if (re.status === 401) { // cookie has expired
314-
expiredToken = token;
317+
if (re.status === 401) {
318+
if (token) {
319+
expiredToken = token;
320+
}
315321
throw new Error("unauthorized");
316322
}
317323
if (re.status !== 200) {
@@ -322,11 +328,13 @@
322328
updateUI(response);
323329

324330
} catch (error) {
325-
// console.error("could not set user details.", error);
326331
showSignInButton();
332+
if (isUserAuthenticated) {
333+
isUserAuthenticated = false;
334+
}
327335
}
328336
};
329-
function getAvatarUrl(response) {
337+
function getAvatarUrl(response) {
330338
const avatarUrl = response?.avatarUrl;
331339

332340
return (typeof avatarUrl === 'string' && avatarUrl.trim()) || '';

package-lock.json

Lines changed: 15 additions & 15 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)