You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
When creating a new custom Controller to extend the Admin UI, the session field remains undefined within the injected RequestContext parameter for a route. With @Allow(Permission.Authenticated) route decorator, the request just fails with a 403 status code error.forbidden, although the required and valid session cookies are sent.
OK, I see that the issue occurs only when using the "cookie" tokenMethod. Hence why the e2e tests pass (the e2e tests are run with "bearer" tokenMethod).
Describe the bug
When creating a new custom Controller to extend the Admin UI, the
session
field remainsundefined
within the injectedRequestContext
parameter for a route. With@Allow(Permission.Authenticated)
route decorator, the request just fails with a 403 status codeerror.forbidden
, although the required and valid session cookies are sent.To Reproduce
/foo/bar
.Expected behavior
The
success
string response is expected. Instead, a 403 error code will be sent, indicating the missing user authentication.Environment (please complete the following information):
The text was updated successfully, but these errors were encountered: