Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The session is missing in the RequestContext for a custom Controller #362

Closed
McHunkyTrunk opened this issue Jun 4, 2020 · 1 comment
Closed
Assignees
Labels
type: bug 🐛 Something isn't working @vendure/core
Milestone

Comments

@McHunkyTrunk
Copy link
Contributor

Describe the bug
When creating a new custom Controller to extend the Admin UI, the session field remains undefined within the injected RequestContext parameter for a route. With @Allow(Permission.Authenticated) route decorator, the request just fails with a 403 status code error.forbidden, although the required and valid session cookies are sent.

To Reproduce

  1. Create a new Plugin:
@VendurePlugin({
  imports: [PluginCommonModule],
  controllers: [FooController],
})
export class FooPlugin {
}
  1. Define the new custom Controller:
@Controller("foo")
export class FooController {
  @Get("bar")
  @Allow(Permission.Authenticated)
  bar(@Ctx() ctx: RequestContext) {
    console.log("session", ctx.session)
    console.log("isAuthorized", ctx.isAuthorized)
    
    return "success";
  }
}
  1. Include the new Plugin into the Vendure config.
  2. Login into the Admin UI.
  3. Manually navigate to /foo/bar.

Expected behavior
The success string response is expected. Instead, a 403 error code will be sent, indicating the missing user authentication.

Environment (please complete the following information):

  • @vendure/core version: 0.12.3
  • Nodejs version: 12.16.2
  • Database: postgres
@michaelbromley
Copy link
Member

OK, I see that the issue occurs only when using the "cookie" tokenMethod. Hence why the e2e tests pass (the e2e tests are run with "bearer" tokenMethod).

@michaelbromley michaelbromley added this to the v0.13.0 milestone Jun 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type: bug 🐛 Something isn't working @vendure/core
Projects
None yet
Development

No branches or pull requests

2 participants